Using the OSPF screen in the vCloud Director tenant portal, you can configure the Open Shortest Path First (OSPF) routing protocol for the dynamic routing capabilities of your advanced edge gateway. A common application of OSPF on an edge gateway in a vCloud Director environment is to exchange routing information between edge gateways in vCloud Director.

The NSX edge gateway supports OSPF, an interior gateway protocol that routes IP packets only within a single routing domain. As described in the NSX Administration documentation, configuring OSPF on an NSX edge gateway enables the edge gateway to learn and advertise routes. The edge gateway uses OSPF to gather link state information from available edge gateways and construct a topology map of the network. The topology determines the routing table presented to the Internet layer, which makes routing decisions based on the destination IP address found in IP packets.

As a result, OSPF routing policies provide a dynamic process of traffic load balancing between routes of equal cost. An OSPF network is divided into routing areas to optimize traffic flow and limit the size of routing tables. An area is a logical collection of OSPF networks, routers, and links that have the same area identification. Areas are identified by an Area ID.

Prerequisites

A Router ID must be configured . Specify Default Routing Configurations for the Edge Gateway.

To use the vCloud Director tenant portal to work with edge gateway services, the edge gateway must be converted to an advanced edge gateway. You can do this on the edge gateway in the vCloud Director Web console or from the tenant portal. For details on performing this step from the tenant portal, see Convert an Edge Gateway to an Advanced Edge Gateway.

Procedure

  1. Open Edge Gateway Services.
    1. Navigate to Networking > Edges.
    2. Select the edge gateway to edit, and click Configure Services.
  2. Navigate to Routing > OSPF.
  3. If OSPF is not currently enabled, use the OSPF Enabled toggle to enable it.
  4. Configure the OSPF settings according to the needs of your organization.

    Option

    Description

    Enable Graceful Restart

    Specifies that packet forwarding is to remain uninterrupted when OSPF services are restarted.

    Enable Default Originate

    Allows the edge gateway to advertise itself as a default gateway to its OSPF peers.

  5. (Optional) You can either click Save changes or continue with configuring area definitions and interface mappings.
  6. Add an OSPF area definition by clicking the Add (add button) button, specifying details for the mapping in the dialog box, and clicking Keep.
    Note:

    By default, the system configures a not-so-stubby area (NSSA) with area ID of 51, and this area is automatically displayed in the area definitions table on the OSPF screen. You can modify or delete the NSSA area.

    Option

    Description

    Area ID

    Type an area ID in the form of an IP address or decimal number.

    Area Type

    Select Normal or NSSA.

    NSSAs prevent the flooding of AS-external link-state advertisements (LSAs) into NSSAs. They rely on default routing to external destinations. As a result, NSSAs must be placed at the edge of an OSPF routing domain. NSSA can import external routes into the OSPF routing domain, by that means providing transit service to small routing domains that are not part of the OSPF routing domain.

    Area Authentication

    Select the type of authentication for OSPF to perform at the area level.

    All edge gateways within the area must have the same authentication and corresponding password configured. For MD5 authentication to work, both the receiver and transmitter must have the same MD5 key.

    Choices are:

    • None

      No authentication is required.

    • Password

      With this choice, the password you specify in the Area Authentication Value field is included in the transmitted packet.

    • MD5

      With this choice, the authentication uses MD5 (Message Digest type 5) encryption. An MD5 checksum is included in the transmitted packet. Type the Md5 key into the Area Authentication Value field.

  7. Click Save changes, so that the newly configured area definitions are available for selection when you add interface mappings.
  8. Add an interface mapping by clicking the Add (add button) button, specifying details for the mapping in the dialog box, and clicking Keep.

    These mappings map the edge gateway interfaces to the areas.

    1. In the dialog box, select the interface you want to map to an area definition.

      The interface specifies the external network that both edge gateways are connected to.

    2. Select the area ID for the area to map to the selected interface.
    3. (Optional) Change the OSPF settings from the default values to customize them for this interface mapping.

      When configuring a new mapping, the default values for these settings are displayed. In most cases, it is recommended to retain the default settings. If you do change the settings, make sure that the OSPF peers use the same settings.

      Option

      Description

      Hello Interval

      Interval (in seconds) between hello packets that are sent on the interface.

      Dead Interval

      Interval (in seconds) during which at least one hello packet must be received from a neighbor before that neighbor is declared down.

      Priority

      Priority of the interface. The interface with the highest priority is the designated edge gateway router.

      Cost

      Overhead required to send packets across that interface. The cost of an interface is inversely proportional to the bandwidth of that interface. The larger the bandwidth, the smaller the cost.

    4. Click Keep.
  9. Click Save changes in the OSPF screen.

What to do next

Configure OSPF on the other edge gateways that you want to exchange routing information with.

Add a firewall rule that allows traffic between the OSPF-enabled edge gateways. See Add an Edge Gateway Firewall Rule Using the Tenant Portal.

Make sure that the route redistribution and firewall configuration allow the correct routes to be advertised. See Configure Route Redistribution Using the Tenant Portal.