Kaspersky SD-WAN
- About Kaspersky SD-WAN
- Architecture of the solution
- Redundancy and fault tolerance
- Ensuring security
- User interface of the solution
- Authentication in Kaspersky SD-WAN
- Setting and resetting the default page
- Switching between light and dark theme
- Limiting the duration of a user session when idle
- Viewing active user sessions
- Configuring the Docker container log verbosity
- Navigating to the orchestrator API
- Changing the language of the orchestrator web interface
- Licensing of Kaspersky SD-WAN
- Managing Kaspersky SD-WAN domains
- Managing data centers
- Managing VIMs
- Managing subnets
- Viewing logs
- Service Requests
- Managing network services
- User roles and actions with network services
- Uploading a VNF or PNF package to the orchestrator
- Network service template
- Creating a network service
- Configuring network service topology components
- Editing a network service topology
- Deploying a network service
- Checking the consistency of a network service
- Redeploying a network service and its components
- Auto-Healing
- Managing VNFs and VDUs in a network service
- Viewing the network service log
- Deleting a network service
- Managing confirmation requests
- Managing users
- Creating an LDAP connection
- Editing an LDAP connection
- Changing the password of an LDAP connection
- Deleting an LDAP connection
- Creating access permissions
- Editing access permissions
- Cloning access permissions
- Removing an access permission
- Creating a user
- Editing a user
- Changing user password
- Activating or blocking a user
- Deleting a user
- Creating a user group
- Editing a user group
- Deleting a user group
- Managing tenants
- Creating a tenant
- Assigning a VIM to a tenant
- Assigning topology components to a tenant
- Assigning compute resources to a tenant
- Assigning a user to a tenant
- Assigning a user group to a tenant
- Authenticating as an administrator in the tenant's orchestrator web interface
- Editing a tenant
- Deleting a tenant
- Managing SD-WAN instances
- Creating an SD-WAN instance template
- Setting the default SD-WAN instance template
- Deleting an SD-WAN instance template
- Adding a tenant to an SD-WAN instance template
- Removing a tenant from an SD-WAN instance template
- Configuring high availability
- Choosing a transport strategy
- Adding a tenant to an SD-WAN instance
- Removing a tenant from an SD-WAN instance
- Viewing devices assigned to an SD-WAN Instance
- Deleting an SD-WAN instance
- Creating a pool of SD-WAN instances
- Adding an SD-WAN instance to a pool
- Removing an SD-WAN instance from a pool
- Deleting a pool of SD-WAN instances
- Managing CPE devices
- Composition of CPE devices
- Composition of uCPE devices
- SD-WAN managementTunnel management transport service
- Automatic configuration of CPE (ZTP) devices
- CPE device statuses and states
- Ensuring connectivity of CPE devices with SD-WAN Controllers
- Automatically updating the link cost based on maximum speed of the interface
- CPE template
- Creating a CPE device
- Specifying the address of a CPE device
- Registering a CPE device
- Activating or deactivating a CPE device
- Using a web address to activate a CPE device
- Connecting to the CPE device console
- Deleting a CPE device
- Viewing the password of a CPE device
- Restarting a CPE device
- Shutting down a CPE device
- Exporting settings and SD-WAN interfaces from a CPE device
- Exporting network interfaces from a CPE device
- Searching for CPE devices
- Automatic removal and deactivation of a CPE device
- Two-factor authentication of a CPE device
- Orchestrator certificates
- Tags
- Out-of-band management of CPE devices
- Managing CPE devices in SD-WAN controller menu
- Viewing the OpenFlow table of a CPE device
- Viewing statistics of OpenFlow interfaces
- Viewing statistics of queues on LAN interfaces
- Navigating to service interfaces on a CPE device
- Viewing the specifications of a CPE device
- Viewing the usage of a CPE device
- Changing the status of a CPE device in the SD-WAN Controller
- Changing the MAC address of a CPE device
- Terminating the TCP session between a CPE device and the SD-WAN Controller
- Scripts
- Network interfaces
- Configuring the connection of a CPE device to the SD-WAN network
- SD-WAN interfaces
- OpenFlow interfaces
- Service interfaces and UNIs
- Creating a service interface
- Creating an ACL interface
- Viewing the usage of a service interface and an ACL interface
- Deleting a service interface and an ACL interface
- Creating a UNI template
- Creating a UNI in a template
- Editing a UNI in a template
- Deleting a UNI in a template
- Deleting a UNI template
- Creating a UNI
- Editing a UNI
- Deleting a UNI
- Filtering routes
- The BGP dynamic routing protocol
- The OSPF dynamic routing protocol
- The BFD protocol
- Creating or deleting a static IPv4 route
- The VRRP protocol
- Viewing the settings of the CPE device connection to the service provider network
- Configuring the connection of a CPE device to a Syslog server
- Configuring the connection of a CPE device to an NTP server
- Firmware
- Monitoring solution components
- Tunnels, segments, and paths
- Configuring topology
- Quality of Service (QoS)
- Transport services
- Point-to-Point (P2P) transport service
- Point-to-Multipoint (P2M) transport service
- Multipoint-to-Multipoint (M2M) transport service
- Adding a transport service in a CPE template
- Editing a transport service in a CPE template
- Deleting a transport service from a CPE template
- Scenario: Directing application traffic to a transport service
- Traffic mirroring
- Task scheduler
- Configuring the SD-WAN Controller
- Editing the SD-WAN Controller
- Restarting the SD-WAN Controller
- Downloading a backup SD-WAN Controller configuration file
- Restoring the SD-WAN Controller
- Deleting the SD-WAN Controller
- SD-WAN Controller properties
- Viewing information about SD-WAN Controller nodes
- Viewing the topology of a deployed SD-WAN instance
- Contacting Technical Support
- Appendices
- Glossary
- Control plane
- Customer Premise Equipment (CPE)
- Data plane
- DSCP values
- Graceful restart
- Orchestrator
- Physical Network Function (PNF)
- PNF package
- SD-WAN Controller
- SD-WAN Gateway
- Software-Defined Networking (SDN)
- Software-Defined Wide Area Network (SD-WAN)
- Tenant
- Universal CPE (uCPE)
- Virtual Infrastructure Manager (VIM)
- Virtual Network Function (VNF)
- Virtual Network Function Manager (VNFM)
- VNF Package
- Information about third-party code
- Trademark notices
Managing CPE devices > The OSPF dynamic routing protocol > Configuring the OSPF protocol
Configuring the OSPF protocol
Configuring the OSPF protocol
You can specify settings for using the OSPF dynamic routing protocol on an individual CPE device or on all devices that use the CPE template. If you plan to use route filtering, before configuring the OSPF protocol, you must do the following:
Use the following instructions to configure OSPF:
- Configuring OSPF on an individual CPE device.
To configure OSPF on an individual CPE device:
- In the menu, go to the SD-WAN section.
By default, the CPE subsection is displayed with a table of CPE devices.
- Click the CPE device.
The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button
. - Select the OSPF tab.
By default, the General settings tab is selected, which displays the OSPF settings.
- Select the Override check box to ignore the applied CPE template and make the settings in the selected tab editable. This check box is cleared by default.
- In the OSPF drop-down list, select one of the following values:
- Enabled
- Disabled (selected by default)
- In the Router ID field, enter the IPv4 address of the CPE device.
- In the Maximum Paths field, enter the maximum number of entries in the routing table of the CPE device. Range of values: 1 to 16.
- If you want to use the CPE device as a border router (Area Border Router, ABR), in the ABR Type drop-down list, select one of the following values:
- IBM (this implementation is used by default)
- CISCO
- Shortcut
- STANDARD
- In the Auto Cost Reference Bandwidth field, enter the reference bandwidth for calculating the cost of communication channels. The cost is used to determine the best route. You can increase or decrease the reference value to influence the route selection and to give preference to certain communication channels. Range of values: 1 to 4,294,967.
- If you need to switch all interfaces of the CPE device to passive mode, select the Passive Interface Default check box. In passive mode, interfaces do not send OSPF hello packets and do not actively participate in OSPF routing. As a rule, interfaces that do not need routing updates, such as interfaces connected to user devices or networks that are not part of the OSPF domain, are switched to passive mode. This check box is cleared by default.
- If you want to keep an OSPF log, select the Log Adjacency Changes check box. The OSPF log records changes that occur between the CPE device and OSPF peers, such as when a peer goes out of service. This check box lets you track changes, resolve peer-related problems, and gather information about the stability of the OSPF network. This check box is cleared by default.
- If you have selected the Log Adjacency Changes check box, if you want to keep a more detailed OSPF log, select the Detail check box. The more detailed log lets you diagnose individual events involving an OSPF peer, as well as see the sequence of its states changing. This check box is cleared by default.
- If necessary, under Route redistribution, configure the redistribution of routes of other routing protocols in OSPF:
- Select the check box next to the route type:
- BGP to redistribute BGP routes.
- Connected to redistribute routes directly connected to CPE device interfaces.
- Kernel to redistribute Kernel routes generated by the operating system of the CPE device.
- Static to redistribute static routes.
By default, all check boxes are cleared.
- In the Route map drop-down list, select a previously created route map to pick the routes that you want to redistribute.
- In the Metric field, enter a metric for redistributed routes. Range of values: 0 to 16,777,214.
- In the Metric Type drop-down list, select the type of the metric:
- Type 1 (or "internal metric")
- Type 2 (or "external metric")
- Select the Filtering check box and in the Access control list drop-down list, select the previously created access control list that you want to use for reallocating routes. This check box is cleared by default.
- Select the check box next to the route type:
- In the Default Metric field, enter the default metric for all OSPF routes. Range of values: 0 to 16,777,214.
- If necessary, configure the CPE device to advertise the default route to the OSPF network:
- Select the Default Originate check box. This check box is cleared by default.
- Select the Always check box to always advertise the default route, even if it is not in the CPE device's routing table. This check box is cleared by default.
- In the Metric Type drop-down list, select the type of metric for the default route:
- Type 1
- Type 2
- In the Metric field, enter a metric for the default route. Range of values: 0 to 16,777,214.
- In the Route map drop-down list, select a previously created route map for the default route.
- In the Distance field, enter the administrative distance for the OSPF routes. When multiple routes exist to a single destination, provided by different routing protocols, the administrative distance allows you to pick the preferred protocol.
The lower the administrative distance specified for a protocol, the higher the priority its route have. For example, if you want routes OSPF routes to always be preferred over BGP routes, specify the administrative distance of 1 for OSPF and 2 for BGP. Range of values: 1 to 255.
- If necessary, configure the administrative distances of individual OSPF routes:
- Select the Distance OSPF check box. This check box is cleared by default.
- In the External field, enter the administrative distance for routes from external OSPF domains or routing protocols. Range of values: 1 to 255.
- In the Inter-Area field, enter the administrative distance for routes from different areas of the same OSPF domain. Range of values: 1 to 255.
- In the Intra-Area field, enter the administrative distance for routes from the same area. Range of values: 1 to 255.
- If necessary, enable Graceful restarton the CPE device:
This feature allows a CPE device to notify its peers about an imminent restart, for example, when using BGP. This lets the peers immediately remove the relevant CPE device from the routing table, without waiting for the timeout to end.
- Select the Graceful Restart check box. This check box is cleared by default.
- In the Grace Period (sec.) field, enter the length of time, in seconds, during which the CPE device announces its intention to restart to OSPF peers. Range of values: 1 to 1800.
- If necessary, configure timers for the Shortest Path First (SPF) algorithm calculations:
- Select the Timers Throttle SPF check box. This check box is cleared by default.
- In the Delay (sec.) field, enter the length in seconds of the delay before starting the calculations of the SPF algorithm. Range of values: 0 to 600,000.
- In the Initial Hold-Time (ms.) field, enter the minimum retention time in milliseconds between two calculations of the SPF algorithm. Range of values: 0 to 600,000.
- In the Maximum Hold-Time (ms.) field, enter the maximum retention time in milliseconds between two calculations of the SPF algorithm. Range of values: 0 to 600,000.
- If necessary, configure maximum metrics for link state advertisement (LSA):
- Select the Administrative check box to administratively specify the maximum metric value for LSA of the CPE device.
- Select the On Startup check box to specify the time in seconds for which the maximum metric remains applied to the LSA of the CPE device when the OSPF process is started or restarted, and enter a value in theTimer (sec.) field.
- Select the On Shutdown check box to specify the time in seconds for which that the maximum metric remains applied to the LSA of the CPE device when the OSPF process finishes, and enter a value in the Timer (sec.) field.
- In the upper part of the settings area, click Save to save the configuration of the CPE device.
- In the menu, go to the SD-WAN section.
- Configuring OSPF on all devices that use a CPE template.
To configure OSPF on all devices that use a CPE template:
- In the menu, go to the SD-WAN → CPE templates subsection.
A table of CPE templates is displayed.
- Click the CPE template.
The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand button
. - Select the OSPF tab.
By default, the General settings tab is selected, which displays the OSPF settings.
- In the OSPF drop-down list, select one of the following values:
- Enabled
- Disabled (selected by default)
- In the Router ID field, enter the IPv4 address of the CPE device.
- In the Maximum Paths field, enter the maximum number of entries in the routing table of the CPE device. Range of values: 1 to 16.
- If you want to use the CPE device as a border router (Area Border Router, ABR), in the ABR Type drop-down list, select one of the following values:
- IBM (this implementation is used by default)
- CISCO
- Shortcut
- STANDARD
- In the Auto Cost Reference Bandwidth field, enter the reference bandwidth for calculating the cost of communication channels. The cost is used to determine the best route. You can increase or decrease the reference value to influence the route selection and to give preference to certain communication channels. Range of values: 1 to 4,294,967.
- If you need to switch all interfaces of the CPE device to passive mode, select the Passive Interface Default check box. In passive mode, interfaces do not send OSPF hello packets and do not actively participate in OSPF routing. As a rule, interfaces that do not need routing updates, such as interfaces connected to user devices or networks that are not part of the OSPF domain, are switched to passive mode. This check box is cleared by default.
- If you want to keep an OSPF log, select the Log Adjacency Changes check box. The OSPF log records changes that occur between the CPE device and OSPF peers, such as when a peer goes out of service. This check box lets you track changes, resolve peer-related problems, and gather information about the stability of the OSPF network. This check box is cleared by default.
- If you have selected the Log Adjacency Changes check box, if you want to keep a more detailed OSPF log, select the Detail check box. The more detailed log lets you diagnose individual events involving an OSPF peer, as well as see the sequence of its states changing. This check box is cleared by default.
- If necessary, under Route redistribution, configure the redistribution of routes of other routing protocols in OSPF:
- Select the check box next to the route type:
- BGP to redistribute BGP routes.
- Connected to redistribute routes directly connected to CPE device interfaces.
- Kernel to redistribute Kernel routes generated by the operating system of the CPE device.
- Static to redistribute static routes.
By default, all check boxes are cleared.
- In the Route map drop-down list, select a previously created route map to pick the routes that you want to redistribute.
- In the Metric field, enter a metric for redistributed routes. Range of values: 0 to 16,777,214.
- In the Metric Type drop-down list, select the type of the metric:
- Type 1 (or "internal metric")
- Type 2 (or "external metric")
- Select the Filtering check box and in the Access control list drop-down list, select the previously created access control list that you want to use for reallocating routes. This check box is cleared by default.
- Select the check box next to the route type:
- In the Default Metric field, enter the default metric for all OSPF routes. Range of values: 0 to 16,777,214.
- If necessary, configure the CPE device to advertise the default route to the OSPF network:
- Select the Default Originate check box. This check box is cleared by default.
- Select the Always check box to always advertise the default route, even if it is not in the CPE device's routing table. This check box is cleared by default.
- In the Metric Type drop-down list, select the type of metric for the default route:
- Type 1
- Type 2
- In the Metric field, enter a metric for the default route. Range of values: 0 to 16,777,214.
- In the Route map drop-down list, select a previously created route map for the default route.
- In the Distance field, enter the administrative distance for the OSPF routes. When multiple routes exist to a single destination, provided by different routing protocols, the administrative distance allows you to pick the preferred protocol.
The lower the administrative distance specified for a protocol, the higher the priority its route have. For example, if you want routes OSPF routes to always be preferred over BGP routes, specify the administrative distance of 1 for OSPF and 2 for BGP. Range of values: 1 to 255.
- If necessary, configure the administrative distances of individual OSPF routes:
- Select the Distance OSPF check box. This check box is cleared by default.
- In the External field, enter the administrative distance for routes from external OSPF domains or routing protocols. Range of values: 1 to 255.
- In the Inter-Area field, enter the administrative distance for routes from different areas of the same OSPF domain. Range of values: 1 to 255.
- In the Intra-Area field, enter the administrative distance for routes from the same area. Range of values: 1 to 255.
- If necessary, enable Graceful restart on the CPE device:
- Select the Graceful Restart check box. This check box is cleared by default.
- In the Grace Period (sec.) field, enter the length of time, in seconds, during which the CPE device announces its intention to restart to OSPF peers. Range of values: 1 to 1800.
- If necessary, configure timers for the Shortest Path First (SPF) algorithm calculations:
- Select the Timers Throttle SPF check box. This check box is cleared by default.
- In the Delay (sec.) field, enter the length in seconds of the delay before starting the calculations of the SPF algorithm. Range of values: 0 to 600,000.
- In the Initial Hold-Time (ms.) field, enter the minimum retention time in milliseconds between two calculations of the SPF algorithm. Range of values: 0 to 600,000.
- In the Maximum Hold-Time (ms.) field, enter the maximum retention time in milliseconds between two calculations of the SPF algorithm. Range of values: 0 to 600,000.
- If necessary, configure maximum metrics for link state advertisement (LSA):
- Select the Administrative check box to administratively specify the maximum metric value for LSA of the CPE device.
- Select the On Startup check box to specify the time in seconds for which the maximum metric remains applied to the LSA of the CPE device when the OSPF process is started or restarted, and enter a value in theTimer (sec.) field.
- Select the On Shutdown check box to specify the time in seconds for which that the maximum metric remains applied to the LSA of the CPE device when the OSPF process finishes, and enter a value in the Timer (sec.) field.
- In the upper part of the settings area, click Save to save the configuration of the CPE template.
- In the menu, go to the SD-WAN → CPE templates subsection.
Article ID: 261868, Last review: Aug 21, 2024