TMS zl Management and Configuration Guide ST.1.1.100226
9-35
Routing
OSPF
Note When you change an interface’s hello interval, you must remember to change
its peer interface’s dead interval accordingly. Otherwise, the peer may wrongly
decide the interface is down. You can determine how many times longer the
dead interval should be than the hello interval according to how reliable your
network is. For example, the default dead interval is four times longer than
the hello interval, which allows for three hello packets to go astray without
changing the status of the link.
Table 9-15. OSPF Intervals for Interfaces
OSPF Authentication
If you enable authentication on your OSPF network, then routers will not
exchange their databases to achieve adjacency until they have authenticated
each other with a password. OSPF authentication prevents network devices
from inadvertently joining the wrong area. In addition, hackers and malware
can send pseudo-OSPF packets to establish a neighbor relationship with the
routers on your private network. After this relationship is established, the
hackers and the malware writers receive LSAs and learn valuable information
about your network. OSPF authentication ensures that routers on your private
network do not accept unauthorized packets.
The TMS zl Module supports two types of OSPF authentication:
■ OSPF simple password authentication (text)
■ Authentication with MD5
With OSPF simple password authentication, routers simply add a password
to the 64-bit authentication field in the OSPF header.
Interval Meaning Default Setting Range
Hello Time between sending
hellos
10 seconds 1 to 65,535 seconds
Dead Time to wait
for a hello before
determining a link
is down
40 seconds 1 to 65,535 seconds
Retransmit Minimum time before
sending a
new LSA
5 seconds 1 to 65,535 seconds
Transmit delay Time assumed for
an LSA to reach a
peer
1 second 1 to 65,535 seconds