In Step 5, you deploy the more specific features made possible by the OSPF protocol and Cisco IOS Software running on your routers. It is not necessary to have a network with every option turned on, nor is this something you are likely to see. Some of the features that you need to consider implementing are covered in the two sections that follow.
What Do You Know?
Coming into Step 5, you determined your network requirements, developed a physical network topology, laid out your addressing and naming scheme, and began the provisioning of the network equipment. In this step, you deploy the OSPF and Cisco IOS Software features that you need to use within the network.
This section covers authentication and route redistribution between protocols, two OSPF features that you should consider deploying within your network.
Protecting corporate resources, security, policing the network, ensuring correct usage of the network, authentication—these are different terms for a similar need within every network: network security. Network security should be built into the network from day one, not added as an afterthought. Mistakes have already happened in the networking environment you know today. Nevertheless, how could they not with the almost required Internet presence and "www" logo seen on almost every business card? The open unsecure protocols, such as Simple Mail Transfer Protocol (SMTP) or Simple Network Management Protocol (SNMP), are essential for business and network management; though, they are also vulnerable to exploitation. Hopefully, the respective working groups will move toward solving this problem. All is not doom and gloom though, as OSPF comes with built-in authentication—the way it should be!
OSPF's built-in authentication set is extremely useful and flexible. In the OSPF specification, MD5 is the only cryptographic algorithm that has been completely specified. The overall implementation of security within OSPF is rather straightforward. For example, you assign a key to OSPF. This key can either be the same throughout your network or different on each router's interface, or a combination of the two. However, each router that is directly connected to each other must have the same key for communication to take place. Further discussion of this OSPF feature is presented in Chapter 8, "Managing and Securing OSPF Networks."
Route redistribution is another useful Cisco IOS Software feature. Redistribution is the exchange of routing information between two different routing processes (protocols). This feature should be turned on in your routers if you have separate routing domains within your AS and you need to exchange routes between them. Chapter 6, "Redistribution," and Chapter 7 cover this feature in greater detail.
188 Chapter 4: Design Fundamentals
For example, the engineering department might be running OSPF and the accounting department might be running Enhanced Interior Gateway Protocol (EIGRP), as shown in Figure 4-18.
Figure 4-18 Redistributing Routing Information Between Protocols
I EIGRP OSPF I
I EIGRP OSPF I
TIP When routes are redistributed between major networks, no subnet information is required to be shared. Instead, summarization should be applied at major network boundaries.
Cisco IOS Software Features
Some of the features of Cisco IOS Software that you should consider deploying within your network are as follows:
• Limiting certain routes from being propagated
• Policy routing
Was this article helpful?