You can configure the Open Shortest Path First (OSPF) routing protocol for the dynamic routing capabilities of an NSX Data Center for vSphere edge gateway. A common application of OSPF on an edge gateway in a VMware Cloud Director environment is to exchange routing information between edge gateways in VMware Cloud Director.
The NSX edge gateway supports OSPF, an interior gateway protocol that routes IP packets only within a single routing domain. As described in the NSX Administration documentation, configuring OSPF on an NSX edge gateway enables the edge gateway to learn and advertise routes. The edge gateway uses OSPF to gather link state information from available edge gateways and construct a topology map of the network. The topology determines the routing table presented to the Internet layer, which makes routing decisions based on the destination IP address found in IP packets.
As a result, OSPF routing policies provide a dynamic process of traffic load balancing between routes of equal cost. An OSPF network is divided into routing areas to optimize traffic flow and limit the size of routing tables. An area is a logical collection of OSPF networks, routers, and links that have the same area identification. Areas are identified by an Area ID.
Procedure
- Open Edge Gateway Services.
- In the top navigation bar, click Networking and click Edge Gateways.
- Select the edge gateway that you want to edit and click Services.
- Navigate to .
- If OSPF is not currently enabled, use the OSPF Enabled toggle to enable it.
- Configure the OSPF settings according to the needs of your organization.
Option |
Description |
Enable Graceful Restart |
Specifies that packet forwarding is to remain uninterrupted when OSPF services are restarted. |
Enable Default Originate |
Allows the edge gateway to advertise itself as a default gateway to its OSPF peers. |
- (Optional) You can either click Save changes or continue with configuring area definitions and interface mappings.
- Add an OSPF area definition by clicking the Add () button, specifying details for the mapping in the dialog box, and clicking Keep.
Note: By default, the system configures a not-so-stubby area (NSSA) with area ID of 51, and this area is automatically displayed in the area definitions table on the OSPF screen. You can modify or delete the NSSA area.
Option |
Description |
Area ID |
Type an area ID in the form of an IP address or decimal number. |
Area Type |
Select Normal or NSSA. NSSAs prevent the flooding of AS-external link-state advertisements (LSAs) into NSSAs. They rely on default routing to external destinations. As a result, NSSAs must be placed at the edge of an OSPF routing domain. NSSA can import external routes into the OSPF routing domain, by that means providing transit service to small routing domains that are not part of the OSPF routing domain. |
Area Authentication |
Select the type of authentication for OSPF to perform at the area level. All edge gateways within the area must have the same authentication and corresponding password configured. For MD5 authentication to work, both the receiver and transmitter must have the same MD5 key. Choices are:
- None
No authentication is required.
- Password
With this choice, the password you specify in the Area Authentication Value field is included in the transmitted packet.
- MD5
With this choice, the authentication uses MD5 (Message Digest type 5) encryption. An MD5 checksum is included in the transmitted packet. Type the Md5 key into the Area Authentication Value field.
|
- Click Save changes, so that the newly configured area definitions are available for selection when you add interface mappings.
- Add an interface mapping by clicking the Add () button, specifying details for the mapping in the dialog box, and clicking Keep.
These mappings map the edge gateway interfaces to the areas.
- In the dialog box, select the interface you want to map to an area definition.
The interface specifies the external network that both edge gateways are connected to.
- Select the area ID for the area to map to the selected interface.
- (Optional) Change the OSPF settings from the default values to customize them for this interface mapping.
When configuring a new mapping, the default values for these settings are displayed. In most cases, it is recommended to retain the default settings. If you do change the settings, make sure that the OSPF peers use the same settings.
Option |
Description |
Hello Interval |
Interval (in seconds) between hello packets that are sent on the interface. |
Dead Interval |
Interval (in seconds) during which at least one hello packet must be received from a neighbor before that neighbor is declared down. |
Priority |
Priority of the interface. The interface with the highest priority is the designated edge gateway router. |
Cost |
Overhead required to send packets across that interface. The cost of an interface is inversely proportional to the bandwidth of that interface. The larger the bandwidth, the smaller the cost. |
- Click Keep.
- Click Save changes in the OSPF screen.
What to do next
Configure OSPF on the other edge gateways that you want to exchange routing information with.
Add a firewall rule that allows traffic between the OSPF-enabled edge gateways. See Add an NSX Data Center for vSphere Edge Gateway Firewall Rule in the VMware Cloud Director Tenant Portal.
Make sure that the route redistribution and firewall configuration allow the correct routes to be advertised. See Configure Route Redistributions on an NSX Data Center for vSphere Edge Gateway Using the VMware Cloud Director Tenant Portal.