Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.2.1
Copy Link

Configure OSPF.

  config router ospf
      Description: Configure OSPF.
      set abr-type [cisco|ibm|...]
      set auto-cost-ref-bandwidth {integer}
      set distance-external {integer}
      set distance-inter-area {integer}
      set distance-intra-area {integer}
      set database-overflow [enable|disable]
      set database-overflow-max-lsas {integer}
      set database-overflow-time-to-recover {integer}
      set default-information-originate [enable|always|...]
      set default-information-metric {integer}
      set default-information-metric-type [1|2]
      set default-information-route-map {string}
      set default-metric {integer}
      set distance {integer}
      set rfc1583-compatible [enable|disable]
      set router-id {ipv4-address-any}
      set spf-timers {user}
      set bfd [enable|disable]
      set log-neighbour-changes [enable|disable]
      set distribute-list-in {string}
      set distribute-route-map-in {string}
      set restart-mode [none|lls|...]
      set restart-period {integer}
      config area
          Description: OSPF area configuration.
          edit <id>
              set shortcut [disable|enable|...]
              set authentication [none|text|...]
              set default-cost {integer}
              set nssa-translator-role [candidate|never|...]
              set stub-type [no-summary|summary]
              set type [regular|nssa|...]
              set nssa-default-information-originate [enable|always|...]
              set nssa-default-information-originate-metric {integer}
              set nssa-default-information-originate-metric-type [1|2]
              set nssa-redistribution [enable|disable]
              config range
                  Description: OSPF area range configuration.
                  edit <id>
                      set prefix {ipv4-classnet-any}
                      set advertise [disable|enable]
                      set substitute {ipv4-classnet-any}
                      set substitute-status [enable|disable]
                  next
              end
              config virtual-link
                  Description: OSPF virtual link configuration.
                  edit <name>
                      set authentication [none|text|...]
                      set authentication-key {password}
                      set md5-keychain {string}
                      set dead-interval {integer}
                      set hello-interval {integer}
                      set retransmit-interval {integer}
                      set transmit-delay {integer}
                      set peer {ipv4-address-any}
                      config md5-keys
                          Description: MD5 key.
                          edit <id>
                              set key-string {password}
                          next
                      end
                  next
              end
              config filter-list
                  Description: OSPF area filter-list configuration.
                  edit <id>
                      set list {string}
                      set direction [in|out]
                  next
              end
          next
      end
      config ospf-interface
          Description: OSPF interface configuration.
          edit <name>
              set interface {string}
              set ip {ipv4-address}
              set authentication [none|text|...]
              set authentication-key {password}
              set md5-keychain {string}
              set prefix-length {integer}
              set retransmit-interval {integer}
              set transmit-delay {integer}
              set cost {integer}
              set priority {integer}
              set dead-interval {integer}
              set hello-interval {integer}
              set hello-multiplier {integer}
              set database-filter-out [enable|disable]
              set mtu {integer}
              set mtu-ignore [enable|disable]
              set network-type [broadcast|non-broadcast|...]
              set bfd [global|enable|...]
              set status [disable|enable]
              set resync-timeout {integer}
              config md5-keys
                  Description: MD5 key.
                  edit <id>
                      set key-string {password}
                  next
              end
          next
      end
      config network
          Description: OSPF network configuration.
          edit <id>
              set prefix {ipv4-classnet}
              set area {ipv4-address-any}
          next
      end
      config neighbor
          Description: OSPF neighbor configuration are used when OSPF runs on non-broadcast media
          edit <id>
              set ip {ipv4-address}
              set poll-interval {integer}
              set cost {integer}
              set priority {integer}
          next
      end
      set passive-interface <name1>, <name2>, ...
      config summary-address
          Description: IP address summary configuration.
          edit <id>
              set prefix {ipv4-classnet}
              set tag {integer}
              set advertise [disable|enable]
          next
      end
      config distribute-list
          Description: Distribute list configuration.
          edit <id>
              set access-list {string}
              set protocol [connected|static|...]
          next
      end
      config redistribute
          Description: Redistribute configuration.
          edit <name>
              set status [enable|disable]
              set metric {integer}
              set routemap {string}
              set metric-type [1|2]
              set tag {integer}
          next
      end
  end

config router ospf

Parameter Name Description Type Size
abr-type Area border router type.
cisco: Cisco.
ibm: IBM.
shortcut: Shortcut.
standard: Standard.
option -
auto-cost-ref-bandwidth Reference bandwidth in terms of megabits per second. integer Minimum value: 1 Maximum value: 1000000
distance-external Administrative external distance. integer Minimum value: 1 Maximum value: 255
distance-inter-area Administrative inter-area distance. integer Minimum value: 1 Maximum value: 255
distance-intra-area Administrative intra-area distance. integer Minimum value: 1 Maximum value: 255
database-overflow Enable/disable database overflow.
enable: Enable setting.
disable: Disable setting.
option -
database-overflow-max-lsas Database overflow maximum LSAs. integer Minimum value: 0 Maximum value: 4294967295
database-overflow-time-to-recover Database overflow time to recover (sec). integer Minimum value: 0 Maximum value: 65535
default-information-originate Enable/disable generation of default route.
enable: Enable setting.
always: Always advertise the default router.
disable: Disable setting.
option -
default-information-metric Default information metric. integer Minimum value: 1 Maximum value: 16777214
default-information-metric-type Default information metric type.
1: Type 1.
2: Type 2.
option -
default-information-route-map Default information route map. string Maximum length: 35
default-metric Default metric of redistribute routes. integer Minimum value: 1 Maximum value: 16777214
distance Distance of the route. integer Minimum value: 1 Maximum value: 255
rfc1583-compatible Enable/disable RFC1583 compatibility.
enable: Enable setting.
disable: Disable setting.
option -
router-id Router ID. ipv4-address-any Not Specified
spf-timers SPF calculation frequency. user Not Specified
bfd Bidirectional Forwarding Detection (BFD).
enable: Enable setting.
disable: Disable setting.
option -
log-neighbour-changes Enable logging of OSPF neighbour's changes
enable: Enable setting.
disable: Disable setting.
option -
distribute-list-in Filter incoming routes. string Maximum length: 35
distribute-route-map-in Filter incoming external routes by route-map. string Maximum length: 35
restart-mode OSPF restart mode (graceful or LLS).
none: Hitless restart disabled.
lls: LLS mode.
graceful-restart: Graceful Restart Mode.
option -
restart-period Graceful restart period. integer Minimum value: 1 Maximum value: 3600
passive-interface <name> Passive interface configuration.
Passive interface name.
string Maximum length: 79
Parameter Name Description Type Size
shortcut Enable/disable shortcut option.
disable: Disable shortcut option.
enable: Enable shortcut option.
default: Default shortcut option.
option -
authentication Authentication type.
none: None.
text: Text.
md5: MD5.
option -
default-cost Summary default cost of stub or NSSA area. integer Minimum value: 0 Maximum value: 4294967295
nssa-translator-role NSSA translator role type.
candidate: Candidate.
never: Never.
always: Always.
option -
stub-type Stub summary setting.
no-summary: No summary.
summary: Summary.
option -
type Area type setting.
regular: Regular.
nssa: NSSA.
stub: Stub.
option -
nssa-default-information-originate Redistribute, advertise, or do not originate Type-7 default route into NSSA area.
enable: Redistribute Type-7 default route from routing table.
always: Advertise a self-originated Type-7 default route.
disable: Do not advertise Type-7 default route.
option -
nssa-default-information-originate-metric OSPF default metric. integer Minimum value: 0 Maximum value: 16777214
nssa-default-information-originate-metric-type OSPF metric type for default routes.
1: Type 1.
2: Type 2.
option -
nssa-redistribution Enable/disable redistribute into NSSA area.
enable: Enable redistribute into NSSA area.
disable: Disable redistribute into NSSA area.
option -

config range

Parameter Name Description Type Size
prefix Prefix. ipv4-classnet-any Not Specified
advertise Enable/disable advertise status.
disable: Disable advertise status.
enable: Enable advertise status.
option -
substitute Substitute prefix. ipv4-classnet-any Not Specified
substitute-status Enable/disable substitute status.
enable: Enable substitute status.
disable: Disable substitute status.
option -

config virtual-link

Parameter Name Description Type Size
authentication Authentication type.
none: None.
text: Text.
md5: MD5.
option -
authentication-key Authentication key. password Not Specified
md5-keychain Authentication MD5 key-chain name. string Maximum length: 35
dead-interval Dead interval. integer Minimum value: 1 Maximum value: 65535
hello-interval Hello interval. integer Minimum value: 1 Maximum value: 65535
retransmit-interval Retransmit interval. integer Minimum value: 1 Maximum value: 65535
transmit-delay Transmit delay. integer Minimum value: 1 Maximum value: 65535
peer Peer IP. ipv4-address-any Not Specified

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified

config filter-list

Parameter Name Description Type Size
list Access-list or prefix-list name. string Maximum length: 35
direction Direction.
in: In.
out: Out.
option -
Parameter Name Description Type Size
interface Configuration interface name. string Maximum length: 15
ip IP address. ipv4-address Not Specified
authentication Authentication type.
none: None.
text: Text.
md5: MD5.
option -
authentication-key Authentication key. password Not Specified
md5-keychain Authentication MD5 key-chain name. string Maximum length: 35
prefix-length Prefix length. integer Minimum value: 0 Maximum value: 32
retransmit-interval Retransmit interval. integer Minimum value: 1 Maximum value: 65535
transmit-delay Transmit delay. integer Minimum value: 1 Maximum value: 65535
cost Cost of the interface, value range from 0 to 65535, 0 means auto-cost. integer Minimum value: 0 Maximum value: 65535
priority Priority. integer Minimum value: 0 Maximum value: 255
dead-interval Dead interval. integer Minimum value: 0 Maximum value: 65535
hello-interval Hello interval. integer Minimum value: 0 Maximum value: 65535
hello-multiplier Number of hello packets within dead interval. integer Minimum value: 3 Maximum value: 10
database-filter-out Enable/disable control of flooding out LSAs.
enable: Enable setting.
disable: Disable setting.
option -
mtu MTU for database description packets. integer Minimum value: 576 Maximum value: 65535
mtu-ignore Enable/disable ignore MTU.
enable: Enable setting.
disable: Disable setting.
option -
network-type Network type.
broadcast: Broadcast.
non-broadcast: Non-broadcast.
point-to-point: Point-to-point.
point-to-multipoint: Point-to-multipoint.
point-to-multipoint-non-broadcast: Point-to-multipoint and non-broadcast.
option -
bfd Bidirectional Forwarding Detection (BFD).
global: Follow global configuration.
enable: Enable BFD on this interface.
disable: Disable BFD on this interface.
option -
status Enable/disable status.
disable: Disable status.
enable: Enable status.
option -
resync-timeout Graceful restart neighbor resynchronization timeout. integer Minimum value: 1 Maximum value: 3600

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified
Parameter Name Description Type Size
prefix Prefix. ipv4-classnet Not Specified
area Attach the network to area. ipv4-address-any Not Specified
Parameter Name Description Type Size
ip Interface IP address of the neighbor. ipv4-address Not Specified
poll-interval Poll interval time in seconds. integer Minimum value: 1 Maximum value: 65535
cost Cost of the interface, value range from 0 to 65535, 0 means auto-cost. integer Minimum value: 0 Maximum value: 65535
priority Priority. integer Minimum value: 0 Maximum value: 255
Parameter Name Description Type Size
prefix Prefix. ipv4-classnet Not Specified
tag Tag value. integer Minimum value: 0 Maximum value: 4294967295
advertise Enable/disable advertise status.
disable: Disable advertise status.
enable: Enable advertise status.
option -
Parameter Name Description Type Size
access-list Access list name. string Maximum length: 35
protocol Protocol type.
connected: Connected type.
static: Static type.
rip: RIP type.
option -
Parameter Name Description Type Size
status status
enable: Enable setting.
disable: Disable setting.
option -
metric Redistribute metric setting. integer Minimum value: 0 Maximum value: 16777214
routemap Route map name. string Maximum length: 35
metric-type Metric type.
1: Type 1.
2: Type 2.
option -
tag Tag value. integer Minimum value: 0 Maximum value: 4294967295

Configure OSPF.

  config router ospf
      Description: Configure OSPF.
      set abr-type [cisco|ibm|...]
      set auto-cost-ref-bandwidth {integer}
      set distance-external {integer}
      set distance-inter-area {integer}
      set distance-intra-area {integer}
      set database-overflow [enable|disable]
      set database-overflow-max-lsas {integer}
      set database-overflow-time-to-recover {integer}
      set default-information-originate [enable|always|...]
      set default-information-metric {integer}
      set default-information-metric-type [1|2]
      set default-information-route-map {string}
      set default-metric {integer}
      set distance {integer}
      set rfc1583-compatible [enable|disable]
      set router-id {ipv4-address-any}
      set spf-timers {user}
      set bfd [enable|disable]
      set log-neighbour-changes [enable|disable]
      set distribute-list-in {string}
      set distribute-route-map-in {string}
      set restart-mode [none|lls|...]
      set restart-period {integer}
      config area
          Description: OSPF area configuration.
          edit <id>
              set shortcut [disable|enable|...]
              set authentication [none|text|...]
              set default-cost {integer}
              set nssa-translator-role [candidate|never|...]
              set stub-type [no-summary|summary]
              set type [regular|nssa|...]
              set nssa-default-information-originate [enable|always|...]
              set nssa-default-information-originate-metric {integer}
              set nssa-default-information-originate-metric-type [1|2]
              set nssa-redistribution [enable|disable]
              config range
                  Description: OSPF area range configuration.
                  edit <id>
                      set prefix {ipv4-classnet-any}
                      set advertise [disable|enable]
                      set substitute {ipv4-classnet-any}
                      set substitute-status [enable|disable]
                  next
              end
              config virtual-link
                  Description: OSPF virtual link configuration.
                  edit <name>
                      set authentication [none|text|...]
                      set authentication-key {password}
                      set md5-keychain {string}
                      set dead-interval {integer}
                      set hello-interval {integer}
                      set retransmit-interval {integer}
                      set transmit-delay {integer}
                      set peer {ipv4-address-any}
                      config md5-keys
                          Description: MD5 key.
                          edit <id>
                              set key-string {password}
                          next
                      end
                  next
              end
              config filter-list
                  Description: OSPF area filter-list configuration.
                  edit <id>
                      set list {string}
                      set direction [in|out]
                  next
              end
          next
      end
      config ospf-interface
          Description: OSPF interface configuration.
          edit <name>
              set interface {string}
              set ip {ipv4-address}
              set authentication [none|text|...]
              set authentication-key {password}
              set md5-keychain {string}
              set prefix-length {integer}
              set retransmit-interval {integer}
              set transmit-delay {integer}
              set cost {integer}
              set priority {integer}
              set dead-interval {integer}
              set hello-interval {integer}
              set hello-multiplier {integer}
              set database-filter-out [enable|disable]
              set mtu {integer}
              set mtu-ignore [enable|disable]
              set network-type [broadcast|non-broadcast|...]
              set bfd [global|enable|...]
              set status [disable|enable]
              set resync-timeout {integer}
              config md5-keys
                  Description: MD5 key.
                  edit <id>
                      set key-string {password}
                  next
              end
          next
      end
      config network
          Description: OSPF network configuration.
          edit <id>
              set prefix {ipv4-classnet}
              set area {ipv4-address-any}
          next
      end
      config neighbor
          Description: OSPF neighbor configuration are used when OSPF runs on non-broadcast media
          edit <id>
              set ip {ipv4-address}
              set poll-interval {integer}
              set cost {integer}
              set priority {integer}
          next
      end
      set passive-interface <name1>, <name2>, ...
      config summary-address
          Description: IP address summary configuration.
          edit <id>
              set prefix {ipv4-classnet}
              set tag {integer}
              set advertise [disable|enable]
          next
      end
      config distribute-list
          Description: Distribute list configuration.
          edit <id>
              set access-list {string}
              set protocol [connected|static|...]
          next
      end
      config redistribute
          Description: Redistribute configuration.
          edit <name>
              set status [enable|disable]
              set metric {integer}
              set routemap {string}
              set metric-type [1|2]
              set tag {integer}
          next
      end
  end

config router ospf

Parameter Name Description Type Size
abr-type Area border router type.
cisco: Cisco.
ibm: IBM.
shortcut: Shortcut.
standard: Standard.
option -
auto-cost-ref-bandwidth Reference bandwidth in terms of megabits per second. integer Minimum value: 1 Maximum value: 1000000
distance-external Administrative external distance. integer Minimum value: 1 Maximum value: 255
distance-inter-area Administrative inter-area distance. integer Minimum value: 1 Maximum value: 255
distance-intra-area Administrative intra-area distance. integer Minimum value: 1 Maximum value: 255
database-overflow Enable/disable database overflow.
enable: Enable setting.
disable: Disable setting.
option -
database-overflow-max-lsas Database overflow maximum LSAs. integer Minimum value: 0 Maximum value: 4294967295
database-overflow-time-to-recover Database overflow time to recover (sec). integer Minimum value: 0 Maximum value: 65535
default-information-originate Enable/disable generation of default route.
enable: Enable setting.
always: Always advertise the default router.
disable: Disable setting.
option -
default-information-metric Default information metric. integer Minimum value: 1 Maximum value: 16777214
default-information-metric-type Default information metric type.
1: Type 1.
2: Type 2.
option -
default-information-route-map Default information route map. string Maximum length: 35
default-metric Default metric of redistribute routes. integer Minimum value: 1 Maximum value: 16777214
distance Distance of the route. integer Minimum value: 1 Maximum value: 255
rfc1583-compatible Enable/disable RFC1583 compatibility.
enable: Enable setting.
disable: Disable setting.
option -
router-id Router ID. ipv4-address-any Not Specified
spf-timers SPF calculation frequency. user Not Specified
bfd Bidirectional Forwarding Detection (BFD).
enable: Enable setting.
disable: Disable setting.
option -
log-neighbour-changes Enable logging of OSPF neighbour's changes
enable: Enable setting.
disable: Disable setting.
option -
distribute-list-in Filter incoming routes. string Maximum length: 35
distribute-route-map-in Filter incoming external routes by route-map. string Maximum length: 35
restart-mode OSPF restart mode (graceful or LLS).
none: Hitless restart disabled.
lls: LLS mode.
graceful-restart: Graceful Restart Mode.
option -
restart-period Graceful restart period. integer Minimum value: 1 Maximum value: 3600
passive-interface <name> Passive interface configuration.
Passive interface name.
string Maximum length: 79
Parameter Name Description Type Size
shortcut Enable/disable shortcut option.
disable: Disable shortcut option.
enable: Enable shortcut option.
default: Default shortcut option.
option -
authentication Authentication type.
none: None.
text: Text.
md5: MD5.
option -
default-cost Summary default cost of stub or NSSA area. integer Minimum value: 0 Maximum value: 4294967295
nssa-translator-role NSSA translator role type.
candidate: Candidate.
never: Never.
always: Always.
option -
stub-type Stub summary setting.
no-summary: No summary.
summary: Summary.
option -
type Area type setting.
regular: Regular.
nssa: NSSA.
stub: Stub.
option -
nssa-default-information-originate Redistribute, advertise, or do not originate Type-7 default route into NSSA area.
enable: Redistribute Type-7 default route from routing table.
always: Advertise a self-originated Type-7 default route.
disable: Do not advertise Type-7 default route.
option -
nssa-default-information-originate-metric OSPF default metric. integer Minimum value: 0 Maximum value: 16777214
nssa-default-information-originate-metric-type OSPF metric type for default routes.
1: Type 1.
2: Type 2.
option -
nssa-redistribution Enable/disable redistribute into NSSA area.
enable: Enable redistribute into NSSA area.
disable: Disable redistribute into NSSA area.
option -

config range

Parameter Name Description Type Size
prefix Prefix. ipv4-classnet-any Not Specified
advertise Enable/disable advertise status.
disable: Disable advertise status.
enable: Enable advertise status.
option -
substitute Substitute prefix. ipv4-classnet-any Not Specified
substitute-status Enable/disable substitute status.
enable: Enable substitute status.
disable: Disable substitute status.
option -

config virtual-link

Parameter Name Description Type Size
authentication Authentication type.
none: None.
text: Text.
md5: MD5.
option -
authentication-key Authentication key. password Not Specified
md5-keychain Authentication MD5 key-chain name. string Maximum length: 35
dead-interval Dead interval. integer Minimum value: 1 Maximum value: 65535
hello-interval Hello interval. integer Minimum value: 1 Maximum value: 65535
retransmit-interval Retransmit interval. integer Minimum value: 1 Maximum value: 65535
transmit-delay Transmit delay. integer Minimum value: 1 Maximum value: 65535
peer Peer IP. ipv4-address-any Not Specified

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified

config filter-list

Parameter Name Description Type Size
list Access-list or prefix-list name. string Maximum length: 35
direction Direction.
in: In.
out: Out.
option -
Parameter Name Description Type Size
interface Configuration interface name. string Maximum length: 15
ip IP address. ipv4-address Not Specified
authentication Authentication type.
none: None.
text: Text.
md5: MD5.
option -
authentication-key Authentication key. password Not Specified
md5-keychain Authentication MD5 key-chain name. string Maximum length: 35
prefix-length Prefix length. integer Minimum value: 0 Maximum value: 32
retransmit-interval Retransmit interval. integer Minimum value: 1 Maximum value: 65535
transmit-delay Transmit delay. integer Minimum value: 1 Maximum value: 65535
cost Cost of the interface, value range from 0 to 65535, 0 means auto-cost. integer Minimum value: 0 Maximum value: 65535
priority Priority. integer Minimum value: 0 Maximum value: 255
dead-interval Dead interval. integer Minimum value: 0 Maximum value: 65535
hello-interval Hello interval. integer Minimum value: 0 Maximum value: 65535
hello-multiplier Number of hello packets within dead interval. integer Minimum value: 3 Maximum value: 10
database-filter-out Enable/disable control of flooding out LSAs.
enable: Enable setting.
disable: Disable setting.
option -
mtu MTU for database description packets. integer Minimum value: 576 Maximum value: 65535
mtu-ignore Enable/disable ignore MTU.
enable: Enable setting.
disable: Disable setting.
option -
network-type Network type.
broadcast: Broadcast.
non-broadcast: Non-broadcast.
point-to-point: Point-to-point.
point-to-multipoint: Point-to-multipoint.
point-to-multipoint-non-broadcast: Point-to-multipoint and non-broadcast.
option -
bfd Bidirectional Forwarding Detection (BFD).
global: Follow global configuration.
enable: Enable BFD on this interface.
disable: Disable BFD on this interface.
option -
status Enable/disable status.
disable: Disable status.
enable: Enable status.
option -
resync-timeout Graceful restart neighbor resynchronization timeout. integer Minimum value: 1 Maximum value: 3600

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified

config md5-keys

Parameter Name Description Type Size
key-string Password for the key. password Not Specified
Parameter Name Description Type Size
prefix Prefix. ipv4-classnet Not Specified
area Attach the network to area. ipv4-address-any Not Specified
Parameter Name Description Type Size
ip Interface IP address of the neighbor. ipv4-address Not Specified
poll-interval Poll interval time in seconds. integer Minimum value: 1 Maximum value: 65535
cost Cost of the interface, value range from 0 to 65535, 0 means auto-cost. integer Minimum value: 0 Maximum value: 65535
priority Priority. integer Minimum value: 0 Maximum value: 255
Parameter Name Description Type Size
prefix Prefix. ipv4-classnet Not Specified
tag Tag value. integer Minimum value: 0 Maximum value: 4294967295
advertise Enable/disable advertise status.
disable: Disable advertise status.
enable: Enable advertise status.
option -
Parameter Name Description Type Size
access-list Access list name. string Maximum length: 35
protocol Protocol type.
connected: Connected type.
static: Static type.
rip: RIP type.
option -
Parameter Name Description Type Size
status status
enable: Enable setting.
disable: Disable setting.
option -
metric Redistribute metric setting. integer Minimum value: 0 Maximum value: 16777214
routemap Route map name. string Maximum length: 35
metric-type Metric type.
1: Type 1.
2: Type 2.
option -
tag Tag value. integer Minimum value: 0 Maximum value: 4294967295