vlink-peer (OSPF)

Function

The vlink-peer command creates and configures a virtual link.

The undo vlink-peer command deletes the virtual link or restores the default setting.

By default, no virtual link is configured on OSPF.

Format

vlink-peer router-id [ dead dead-interval | hello hello-interval | retransmit retransmit-interval | smart-discover | trans-delay trans-delay-interval | [ simple [ plain plain-text | [ cipher ] cipher-text ] | { md5 | hmac-md5 | hmac-sha256 } [ key-id { plain plain-text | [ cipher ] cipher-text } ] | authentication-null | keychain keychain-name ] ] ^*

Parameters

Parameter	Description	Value
router-id	Specifies the router ID of virtual link neighbor.	-
dead dead-interval	Specifies the dead interval. This value must be equal to the dead-interval of the device that sets up virtual link with the interface and must be at least 4 times that of the hello-interval.	The value is an integer ranging from 1 to 235926000, in seconds. By default, it is 40 seconds.
hello hello-interval	Specifies the interval for transmitting Hello packets on an interface. This value must be equal to the hello-interval value of the device that sets up the virtual link with the interface. By default, it is 10 seconds.	The value is an integer ranging from 1 to 65535 seconds. By default, it is 10 seconds.
retransmit retransmit-interval	Specifies the interval for retransmitting the LSA packets on an interface.	The value is an integer ranging from 1 to 3600, in seconds. By default, it is 5 seconds.
smart-discover	Automatically sends Hello packets	-
trans-delay trans-delay-interval	Specifies the delay for transmitting LSA packets on an interface.	The value is an integer ranging from 1 to 3600, in seconds. By default, it is 1 second.
simple	Indicates the simple authentication mode. By default, the simple authentication mode is plain.	-
plain	Indicates the plain authentication. You can only type in the simple text, and it displays as simple text when the configuration file is viewed. NOTE: When configuring an authentication password, select the ciphertext mode because the password is saved in configuration files in simple text if you select simple text mode, which has a high risk. To ensure device security, change the password periodically.	-
plain-text	Specifies the simple-text password.	In simple mode, the value is a string of 1 to 8 characters. In md5, hmac-md5 or hmac-sha256 mode, the value is a string of 1~255 characters.
cipher	Indicates the cipher authentication. You can type in the simple text or the ciphertext, and it is displayed as the ciphertext when the configuration file is viewed.	-
cipher-text	Specifies the ciphertext password.	In simple mode, the value is a string of 1 to 8 characters (simple password) or 24/32/48 characters (ciphertext password). NOTE: If the source version supports a ciphertext password which is a string of 24 or 32 characters, the target version also supports this type of password. In md5, hmac-md5 or hmac-sha256 mode, the value is a string of 1 to 255 (simple password) and 20 to 392 characters (ciphertext password).
md5	Indicates the MD5 authentication mode. By default, the md5 authentication mode is cipher.	-
hmac-md5	Indicates the HMAC-MD5 authentication mode. By default, the hmac-md5 authentication mode is cipher.	-
hmac-sha256	Indicates the HMAC-SHA256 authentication mode. By default, the HAMC-SHA256 authentication mode is cipher. NOTE: HAMC-SHA256 authentication mode is better and more secure than other authentication modes. To ensure high security, HAMC-SHA256 authentication algorithm is recommended.	-
key-id	Specifies authentication key ID of the cipher authentication of the interface. The key ID must be consistent with that of the peer.	The value is an integer ranging from 1 to 255.
authentication-null	Indicates that no authentication is used.	-
keychain keychain-name	Indicates the keychain authentication. NOTE: Before configuring this parameter, you must run the keychain command to create a keychain. Then, run the key-id, key-string, and algorithm commands to configure a key ID, a password, and an authentication algorithm for this keychain. Otherwise, the OSPF authentication will fail.	The value must be the name of an existing keychain.

Views

OSPF area view

Default Level

2: Configuration level

Usage Guidelines

Usage Guidelines

After OSPF is divided into different areas, OSPF routes between non-backbone areas are updated by route exchange with the backbone area. Therefore, OSPF requires that all non-backbone areas keep connected to the backbone area and devices within the backbone area also keep connected. In real-world scenarios, however, these requirements cannot be met due to various limitations. Configuring OSPF virtual links can solve the problem.

Configuration Impact

Establish logical links between the non-backbone areas and the backbone area, and between devices within the backbone area to ensure connectivity in an OSPF network.

Follow-up Procedure

After a virtual link is established, different vendors may use different MTUs as default settings. To ensure consistency, run the undo ospf mtu-enable command to set the default MTU to 0 when DD packets are sent on an OSPF interface.

If the MTU of DD packets is configured, the neighbor relationship will be reestablished.

Precautions

The default value is recommended when a virtual link is created. You can modify the value in actual scenarios.

Suggestions for configuring parameters are as follows:

The smaller the hello parameter, the more rapidly a router detects network topology change, the more network resources are consumed.
If the retransmit parameter is set too small, LSAs may be retransmitted. Setting the parameter to a large value is recommended in a low-speed network.
The authentication modes of a virtual link and the backbone area must be the same.

Example

# Configure a virtual link with the peer router ID 1.1.1.1.

<sysname> system-view

[sysname] ospf 100

[sysname-ospf-100] area 2

[sysname-ospf-100-area-0.0.0.2] vlink-peer 1.1.1.1