Implement OSPF multi-area design with FRRouting and advanced routing policies

Advanced 45 min Jun 08, 2026
Ubuntu 24.04 Debian 12 AlmaLinux 9 Rocky Linux 9

Deploy multi-area OSPF networks with FRRouting, configure area types and LSA filtering, implement advanced routing policies with route maps, and integrate BGP redistribution for enterprise network design.

Prerequisites

  • Root or sudo access
  • Multiple network interfaces
  • Basic routing knowledge
  • Understanding of OSPF concepts

What this solves

This tutorial implements Open Shortest Path First (OSPF) multi-area design using FRRouting for enterprise networks. You'll configure different area types including backbone, stub, and NSSA areas, set up inter-area routing with LSA filtering, and implement advanced routing policies with route maps and prefix lists.

Multi-area OSPF reduces routing table size, limits flooding domains, and improves network scalability. This setup is essential for enterprise networks with hundreds of routers or when you need hierarchical routing design with controlled route advertisement between areas.

Step-by-step implementation

Install FRRouting and dependencies

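Install the FRRouting routing suite with OSPF daemon support and configuration tools. Use the commands for your distribution.

# Ubuntu 24.04 / Debian 12
sudo apt update
# Store the repository key in its own keyring and bind it to the FRR repository with signed-by,
# instead of apt-key, which is deprecated and trusts the key for every repository
curl -s https://deb.frrouting.org/frr/keys.gpg | sudo tee /usr/share/keyrings/frrouting.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/frrouting.gpg] https://deb.frrouting.org/frr $(lsb_release -s -c) frr-stable" | sudo tee -a /etc/apt/sources.list.d/frr.list
sudo apt update
sudo apt install -y frr frr-pythontools tcpdump

# AlmaLinux 9 / Rocky Linux 9
sudo dnf update -y
sudo dnf install -y epel-release
sudo dnf install -y frr tcpdump
sudo systemctl enable frr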

Enable OSPF daemon in FRRouting

Set the daemons FRRouting starts in /etc/frr/daemons: ospfd for OSPF, plus bgpd and staticd for the redistribution configured later.

bgpd=yes
ospfd=yes
ospf6d=no
ripd=no
ripngd=no
isisd=no
pimd=no
ldpd=no
nhrpd=no
eigrpd=no
babeld=no
sharpd=no
pbrd=no
staticd=yes
bfdd=no
fabricd=no

Configure system IP forwarding

Enable IP forwarding for routing functionality and make it persistent across reboots.

echo 'net.ipv4.ip_forward=1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv4.conf.all.forwarding=1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

Design multi-area OSPF topology

Plan the area hierarchy with backbone area 0.0.0.0 and multiple areas for network segmentation.

!
! OSPF Multi-Area Configuration
!
router ospf
 ospf router-id 10.0.0.1
 log-adjacency-changes
 auto-cost reference-bandwidth 10000
 area 0.0.0.0 authentication message-digest
 area 0.0.0.1 stub
 area 0.0.0.2 nssa
 area 0.0.0.3 stub no-summary
 network 10.0.0.0/24 area 0.0.0.0
 network 192.168.1.0/24 area 0.0.0.1
 network 192.168.2.0/24 area 0.0.0.2
 network 192.168.3.0/24 area 0.0.0.3
 area 0.0.0.1 default-cost 100
 area 0.0.0.2 nssa default-information-originate
 area 0.0.0.3 range 192.168.3.0/24 substitute 192.168.30.0/24
!
interface eth0
 description "Backbone Area Connection"
 ip ospf message-digest-key 1 md5 SecureOSPFKey2024
 ip ospf network point-to-point
 ip ospf hello-interval 5
 ip ospf dead-interval 20
 ip ospf retransmit-interval 10
!
interface eth1
 description "Area 1 Stub Connection"
 ip ospf cost 50
 ip ospf priority 100
!
interface eth2
 description "Area 2 NSSA Connection"
 ip ospf network broadcast
 ip ospf hello-interval 10
!

Configure advanced routing policies with route maps

Create route maps for filtering and modifying routing information between areas and protocols.

!
! Access Lists for Route Filtering
!
access-list INTERNAL_NETWORKS permit 192.168.0.0/16
access-list INTERNAL_NETWORKS permit 10.0.0.0/8
access-list EXTERNAL_ROUTES permit 203.0.113.0/24
access-list EXTERNAL_ROUTES deny any
!
! Prefix Lists for Granular Control
!
ip prefix-list AREA1_SUMMARY permit 192.168.1.0/24
ip prefix-list AREA2_NETWORKS permit 192.168.2.0/23 le 24
ip prefix-list BGP_ROUTES permit 203.0.113.0/24
ip prefix-list BGP_ROUTES deny 0.0.0.0/0 le 32
!
! Route Maps for Policy Implementation
!
route-map OSPF_TO_BGP permit 10
 match ip address INTERNAL_NETWORKS
 set metric 100
 set origin igp
!
route-map BGP_TO_OSPF permit 10
 match ip prefix-list BGP_ROUTES
 set metric 200
 set metric-type type-1
!
route-map AREA_FILTER permit 10
 match ip prefix-list AREA1_SUMMARY
 set metric +50
!
route-map AREA_FILTER deny 20
!
! Apply Route Maps to OSPF
!
router ospf
 area 0.0.0.1 filter-list prefix AREA1_SUMMARY in
 ! import-list takes an access-list name, not a route-map
 area 0.0.0.2 import-list INTERNAL_NETWORKS
 redistribute bgp route-map BGP_TO_OSPF
 ! distribute-list out requires the source protocol being redistributed
 distribute-list EXTERNAL_ROUTES out bgp
 default-information originate always route-map OSPF_TO_BGP
!

Configure BGP OSPF redistribution

Set up BGP to redistribute OSPF routes and vice versa with proper filtering and metric control.

!
! BGP Configuration for OSPF Integration
!
router bgp 65001
 bgp router-id 10.0.0.1
 bgp log-neighbor-changes
 neighbor 203.0.113.10 remote-as 65002
 neighbor 203.0.113.10 description "External BGP Peer"
 neighbor 203.0.113.10 password BGPSecurePassword2024
 neighbor 203.0.113.10 update-source 203.0.113.1
 !
 address-family ipv4 unicast
  network 10.0.0.0/24
  redistribute ospf route-map OSPF_TO_BGP
  neighbor 203.0.113.10 activate
  neighbor 203.0.113.10 route-map BGP_IN in
  neighbor 203.0.113.10 route-map BGP_OUT out
  neighbor 203.0.113.10 soft-reconfiguration inbound
 exit-address-family
!
! Additional Route Maps for BGP
!
route-map BGP_IN permit 10
 match as-path AS_PATH_FILTER
 set local-preference 150
 set weight 100
!
route-map BGP_OUT permit 10
 match ip prefix-list OSPF_INTERNAL
 set as-path prepend 65001
!
bgp as-path access-list AS_PATH_FILTER permit ^65002$
ip prefix-list OSPF_INTERNAL permit 10.0.0.0/8
ip prefix-list OSPF_INTERNAL permit 192.168.0.0/16

Configure area-specific LSA filtering

Implement LSA Type filtering to control information flow between OSPF areas.

!
! LSA Filtering Configuration
!
router ospf
 area 0.0.0.1 stub
 area 0.0.0.1 default-cost 50
 area 0.0.0.1 filter-list prefix STUB_FILTER in
 area 0.0.0.1 filter-list prefix STUB_FILTER out
 !
 area 0.0.0.2 nssa
 area 0.0.0.2 nssa default-information-originate
 area 0.0.0.2 nssa translate-candidate
 area 0.0.0.2 filter-list prefix NSSA_FILTER in
 !
 area 0.0.0.3 stub no-summary
 area 0.0.0.3 default-cost 25
 area 0.0.0.3 range 192.168.3.0/24
!
! Prefix Lists for Area Filtering
!
ip prefix-list STUB_FILTER permit 0.0.0.0/0
ip prefix-list STUB_FILTER deny 203.0.113.0/24
ip prefix-list NSSA_FILTER permit 192.168.0.0/16 le 24
ip prefix-list NSSA_FILTER permit 10.0.0.0/8 le 16
ip prefix-list NSSA_FILTER deny 0.0.0.0/0 le 32
!
! Virtual Link Configuration for Non-Contiguous Areas
!
router ospf
 area 0.0.0.4 virtual-link 10.0.0.5
 area 0.0.0.4 virtual-link 10.0.0.5 authentication message-digest
 area 0.0.0.4 virtual-link 10.0.0.5 message-digest-key 1 md5 VirtualLinkKey2024
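
The following is an added example, not part of the original tutorial: a small evaluator that shows what STUB_FILTER and NSSA_FILTER above actually permit, using first-match order, ge/le length bounds and the implicit deny at the end of every prefix list. The sample routes are constructed, and the parser assumes entries without `seq` numbers, as on this page.

```python
import ipaddress

# Prefix lists copied from the configuration above.
CONFIG = """\
ip prefix-list STUB_FILTER permit 0.0.0.0/0
ip prefix-list STUB_FILTER deny 203.0.113.0/24
ip prefix-list NSSA_FILTER permit 192.168.0.0/16 le 24
ip prefix-list NSSA_FILTER permit 10.0.0.0/8 le 16
ip prefix-list NSSA_FILTER deny 0.0.0.0/0 le 32
"""

def parse_prefix_lists(text):
    """Return {name: [(action, network, min_len, max_len), ...]} in config order."""
    lists = {}
    for line in text.splitlines():
        tok = line.split()
        if tok[:2] != ["ip", "prefix-list"] or len(tok) < 5:
            continue
        name, action, net = tok[2], tok[3], ipaddress.ip_network(tok[4])
        opts = dict(zip(tok[5::2], map(int, tok[6::2])))
        # No ge/le: exact length only. "ge" alone extends to /32,
        # "le" alone starts at the entry's own prefix length.
        lo = opts.get("ge", net.prefixlen)
        hi = opts.get("le", 32 if "ge" in opts else net.prefixlen)
        lists.setdefault(name, []).append((action, net, lo, hi))
    return lists

def evaluate(entries, route):
    """First matching entry wins; a route matching no entry is denied."""
    route = ipaddress.ip_network(route)
    for action, net, lo, hi in entries:
        if route.subnet_of(net) and lo <= route.prefixlen <= hi:
            return action
    return "deny (implicit)"

def report(text, routes):
    """Evaluate every route against every prefix list found in text."""
    lists = parse_prefix_lists(text)
    return {(n, r): evaluate(e, r) for n, e in lists.items() for r in routes}

if __name__ == "__main__":
    # Constructed sample routes
    sample = ["0.0.0.0/0", "192.168.1.0/24", "192.168.1.128/25",
              "10.1.0.0/16", "10.1.2.0/24", "203.0.113.0/24"]
    for (name, route), verdict in report(CONFIG, sample).items():
        print(f"{name:12} {route:18} {verdict}")
```

The output shows that STUB_FILTER admits only the default route: `permit 0.0.0.0/0` without `le` matches that single prefix, so every other route, including 203.0.113.0/24, would already fall to the implicit deny.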

Implement OSPF authentication and security

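Configure area-wide authentication and interface-level security for OSPF adjacencies. Areas 0.0.0.0 and 0.0.0.1 use message-digest (MD5) authentication. Area 0.0.0.2 uses simple authentication, which carries the key in cleartext in every OSPF packet, so anyone who can capture traffic on that segment can read it; prefer message-digest on any segment you do not fully control.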

!
! OSPF Security Configuration
!
router ospf
 area 0.0.0.0 authentication message-digest
 area 0.0.0.1 authentication message-digest
 area 0.0.0.2 authentication
 passive-interface default
 no passive-interface eth0
 no passive-interface eth1
 no passive-interface eth2
!
! Interface Authentication
!
interface eth0
 ip ospf message-digest-key 1 md5 BackboneAuthKey2024
 ip ospf message-digest-key 2 md5 BackupAuthKey2024
!
interface eth1
 ip ospf message-digest-key 1 md5 Area1AuthKey2024
!
interface eth2
 ip ospf authentication-key Area2PlainKey2024
!
! Static Neighbor Definitions (non-broadcast networks)
!
router ospf
 neighbor 10.0.0.10 priority 1
 neighbor 10.0.0.11 priority 50
 neighbor 192.168.1.10 poll-interval 60
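
The following is an added example, not part of the original tutorial: an audit that reads an FRR configuration and reports areas without message-digest authentication, interfaces using a cleartext key, and keys longer than the protocol's key fields. The embedded configuration is a constructed excerpt of lines from this page; the check looks only at area-level authentication and the two interface key commands shown above.

```python
import re

# Constructed excerpt merging area and interface lines from the configuration above.
CONFIG = """\
router ospf
 area 0.0.0.0 authentication message-digest
 area 0.0.0.2 authentication
 network 192.168.3.0/24 area 0.0.0.3
!
interface eth0
 ip ospf message-digest-key 1 md5 BackboneAuthKey2024
!
interface eth2
 ip ospf authentication-key Area2PlainKey2024
!
"""

# Key field sizes from RFC 2328: 8 bytes for simple passwords, 16 for MD5 keys.
SIMPLE_MAX, MD5_MAX = 8, 16

def audit_ospf_auth(text):
    """Return findings for areas and interfaces without sound cryptographic auth."""
    areas, findings, iface = {}, [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith(("interface ", "router ")):
            iface = line.split()[1] if line.startswith("interface ") else None
            continue
        m = re.search(r"\barea (\d+(?:\.\d+){3})(.*)", line)
        if m and iface is None:
            # Any mention of an area registers it; only an auth line sets a mode.
            rest = m.group(2).split()
            areas.setdefault(m.group(1), "none")
            if rest[:1] == ["authentication"]:
                areas[m.group(1)] = "md5" if "message-digest" in rest else "simple"
            continue
        m = re.match(r"ip ospf authentication-key (\S+)", line)
        if m and iface:
            findings.append(f"{iface}: cleartext key sent in every OSPF packet")
            if len(m.group(1)) > SIMPLE_MAX:
                findings.append(f"{iface}: simple key longer than {SIMPLE_MAX} bytes")
        m = re.match(r"ip ospf message-digest-key (\d+) md5 (\S+)", line)
        if m and iface and len(m.group(2)) > MD5_MAX:
            findings.append(f"{iface}: MD5 key {m.group(1)} longer than {MD5_MAX} bytes")
    for area, mode in sorted(areas.items()):
        if mode != "md5":
            findings.append(f"area {area}: authentication {mode}")
    return findings

if __name__ == "__main__":
    for finding in audit_ospf_auth(CONFIG):
        print(finding)
```

A key longer than its field matters because only the leading bytes take part in authentication, so two long keys that differ only at the end give no separation between areas.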

Configure OSPF timers and convergence optimization

Tune OSPF timers and SPF calculations for faster convergence in enterprise networks.

!
! OSPF Timer Optimization
!
router ospf
 timers throttle spf 1000 5000 10000
 timers throttle lsa all 100
 timers lsa min-arrival 500
 refresh timer 1800
 max-metric router-lsa on-startup 30
 ! administrative keeps the maximum metric set until it is removed; use it only for maintenance
 max-metric router-lsa administrative
!
! Interface Timer Configuration
!
interface eth0
 ip ospf hello-interval 5
 ip ospf dead-interval 15
 ip ospf retransmit-interval 5
 ip ospf transmit-delay 1
!
interface eth1
 ip ospf hello-interval 10
 ip ospf dead-interval 40
 ip ospf retransmit-interval 10
!
! Area-Specific Optimizations
!
router ospf
 area 0.0.0.0 shortcut enable
 area 0.0.0.1 shortcut disable
 compatible rfc1583
 log-adjacency-changes detail
 auto-cost reference-bandwidth 10000

Start and enable FRRouting services

Start FRRouting with the new configuration and enable automatic startup.

sudo systemctl enable frr
sudo systemctl start frr
sudo systemctl status frr
sudo vtysh -c "write memory"

Verify OSPF multi-area configuration

Check OSPF neighbor relationships, routing tables, and area configurations using FRRouting commands.

sudo vtysh -c "show ip ospf neighbor"
sudo vtysh -c "show ip ospf database"
sudo vtysh -c "show ip ospf interface"
sudo vtysh -c "show ip ospf area"
sudo vtysh -c "show ip ospf route"

Configure advanced route filtering

Implement community-based routing policies

Use BGP communities with OSPF for advanced traffic engineering and policy control.

!
! Community Lists for Policy Control
!
bgp community-list standard INTERNAL permit 65001:100
bgp community-list standard EXTERNAL permit 65001:200
bgp community-list standard BACKUP_PATH permit 65001:300
!
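! Route Maps with Communities
! (prefix lists INTERNAL_ROUTES and EXTERNAL_ROUTES must be defined before these maps match anything)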
!
route-map SET_COMMUNITY permit 10
 match ip prefix-list INTERNAL_ROUTES
 set community 65001:100
!
route-map SET_COMMUNITY permit 20
 match ip prefix-list EXTERNAL_ROUTES
 set community 65001:200
 set local-preference 50
!
route-map FILTER_BY_COMMUNITY permit 10
 match community INTERNAL
 set metric 50
!
route-map FILTER_BY_COMMUNITY permit 20
 match community EXTERNAL
 set metric 200
 set metric-type type-2
!
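! Apply Communities at the OSPF/BGP Boundary
! OSPF carries no communities: set them when OSPF routes enter BGP,
! and match them when BGP routes enter OSPF
!
router ospf
 redistribute bgp route-map FILTER_BY_COMMUNITY
!
router bgp 65001
 address-family ipv4 unicast
  redistribute ospf route-map SET_COMMUNITY
 exit-address-family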

Configure load balancing and traffic engineering

Implement equal-cost multipath routing and traffic engineering for optimal path selection.

!
! ECMP and Traffic Engineering
!
router ospf
 maximum-paths 4
 distance ospf intra-area 110 inter-area 110 external 110
!
! Interface Cost Manipulation
!
interface eth0
 ip ospf cost 10
 description "Primary Path to Backbone"
!
interface eth3
 ip ospf cost 20
 description "Secondary Path to Backbone"
!
! Area Border Router Configuration
!
router ospf
 area 0.0.0.1 range 192.168.1.0/24 cost 100
 area 0.0.0.2 range 192.168.2.0/24 advertise
 area 0.0.0.3 range 192.168.3.0/24 not-advertise
!
! Route Summarization
!
router ospf
 summary-address 192.168.0.0/16
 summary-address 10.0.0.0/16 no-advertise
!
! BGP Traffic Engineering
!
router bgp 65001
 address-family ipv4 unicast
  maximum-paths 2
  maximum-paths ibgp 2
 exit-address-family

Monitor and troubleshoot OSPF

Set up OSPF monitoring and logging

Configure detailed logging and monitoring for OSPF operations and troubleshooting. You can enhance this with OSPF network monitoring using Prometheus and Grafana for comprehensive visibility.

!
! OSPF Logging Configuration
!
log syslog debugging
log facility local0
no log monitor
!
debug ospf event
debug ospf lsa
debug ospf zebra
!
router ospf
 log-adjacency-changes detail
 area 0.0.0.0 shortcut enable
!
! Service Monitoring
!
service integrated-vtysh-config

Create OSPF troubleshooting scripts

Develop automated scripts for common OSPF diagnostics and health checking.

#!/bin/bash
# OSPF Health Check Script
# Save as /usr/local/bin/ospf-health-check.sh

echo "=== OSPF Multi-Area Health Check ==="
echo
echo "OSPF Neighbor Status:"
sudo vtysh -c "show ip ospf neighbor" | grep -E "(Neighbor ID|State)"
echo
echo "OSPF Database Summary:"
sudo vtysh -c "show ip ospf database summary"
echo
echo "Area LSA Counts:"
for area in 0.0.0.0 0.0.0.1 0.0.0.2 0.0.0.3; do
    echo "Area $area:"
    sudo vtysh -c "show ip ospf database area $area" | wc -l
done
echo
echo "Route Count by Area:"
sudo vtysh -c "show ip ospf route" | grep -c "O "
echo
echo "BGP OSPF Redistribution:"
sudo vtysh -c "show ip bgp summary"
echo
echo "Interface OSPF Status:"
sudo vtysh -c "show ip ospf interface" | grep -E "(Interface|State|Cost)"
echo "=== Health Check Complete ==="

# Make the script executable and run it
sudo chmod 755 /usr/local/bin/ospf-health-check.sh
sudo /usr/local/bin/ospf-health-check.sh

Security and performance optimization

Implement OSPF security hardening

Apply security best practices including authentication key rotation and access controls.

!
! Security Hardening Configuration
!
password OSPFAdminPassword2024
enable password OSPFEnablePassword2024
service password-encryption
service advanced-vty
!
! Access Control
!
access-list VTY_ACCESS permit 10.0.0.0/24
access-list VTY_ACCESS permit 192.168.100.0/24
access-list VTY_ACCESS deny any
!
! FRR's vty has no SSH transport; reach vtysh through an SSH session to the host
line vty
 access-class VTY_ACCESS in
 exec-timeout 10 0
!
! BGP Security
!
router bgp 65001
 neighbor 203.0.113.10 ttl-security hops 1
 neighbor 203.0.113.10 password BGPSecurePassword2024
!
! Key Chain for Authentication Rotation
!
key chain OSPF_AUTH_CHAIN
 key 1
  key-string OldOSPFKey2024
  accept-lifetime 00:00:00 Jan 1 2024 23:59:59 Dec 31 2024
  send-lifetime 00:00:00 Jan 1 2024 06:00:00 Jun 1 2024
 key 2
  key-string NewOSPFKey2024
  accept-lifetime 00:00:00 Jun 1 2024 infinite
  send-lifetime 06:00:00 Jun 1 2024 infinite
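
The following is an added example, not part of the original tutorial: a checker for the rotation schedule in OSPF_AUTH_CHAIN above. It verifies that each key is only sent while peers holding the same chain accept it, and that there is no interval with no sendable key. `BROKEN` is a constructed faulty variant, and the parser assumes absolute end times or `infinite`, as used on this page.

```python
from datetime import datetime

# Key chain copied from the configuration above.
CONFIG = """\
key chain OSPF_AUTH_CHAIN
 key 1
  key-string OldOSPFKey2024
  accept-lifetime 00:00:00 Jan 1 2024 23:59:59 Dec 31 2024
  send-lifetime 00:00:00 Jan 1 2024 06:00:00 Jun 1 2024
 key 2
  key-string NewOSPFKey2024
  accept-lifetime 00:00:00 Jun 1 2024 infinite
  send-lifetime 06:00:00 Jun 1 2024 infinite
"""
# Constructed faulty variant: key 2 starts sending a day late, leaving a gap.
BROKEN = CONFIG.replace("send-lifetime 06:00:00 Jun 1", "send-lifetime 06:00:00 Jun 2")
FMT = "%H:%M:%S %b %d %Y"

def parse_keys(text):
    """Return {key_id: {"accept": (start, end), "send": (start, end)}}."""
    keys, current = {}, None
    for tok in (line.split() for line in text.splitlines()):
        if len(tok) == 2 and tok[0] == "key":
            current = keys.setdefault(int(tok[1]), {})
        elif tok and tok[0] in ("accept-lifetime", "send-lifetime"):
            start = datetime.strptime(" ".join(tok[1:5]), FMT)
            end = (datetime.max if tok[5] == "infinite"
                   else datetime.strptime(" ".join(tok[5:9]), FMT))
            current[tok[0].split("-")[0]] = (start, end)
    return keys

def check_rotation(keys):
    """Flag keys sent outside their accept window and gaps with no sendable key."""
    problems, covered_until = [], None
    for kid, k in sorted(keys.items()):
        if k["send"][0] < k["accept"][0] or k["send"][1] > k["accept"][1]:
            problems.append(f"key {kid}: send-lifetime falls outside accept-lifetime")
    for start, end in sorted(k["send"] for k in keys.values()):
        if covered_until is not None and start > covered_until:
            problems.append(f"no sendable key from {covered_until} to {start}")
        covered_until = end if covered_until is None else max(covered_until, end)
    return problems

if __name__ == "__main__":
    print(check_rotation(parse_keys(CONFIG)))  # chain from this page
    print(check_rotation(parse_keys(BROKEN)))  # constructed gap
```

The page's chain passes because key 2 is accepted six hours before any router starts sending it, which also absorbs clock skew between routers; the lifetimes are only meaningful when router clocks are synchronized.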

Optimize OSPF performance parameters

Fine-tune OSPF for large-scale deployments and network performance optimization.

!
! Performance Optimization
!
router ospf
 ospf router-id 10.0.0.1
 auto-cost reference-bandwidth 100000
 timers throttle spf 200 1000 5000
 timers throttle lsa all 0
 timers lsa min-arrival 100
 refresh timer 1800
 write-multiplier 100
!
! Memory and CPU Optimization
!
router ospf
 area 0.0.0.1 filter-list prefix STUB_SUMMARY_ONLY in
 area 0.0.0.3 stub no-summary
 max-metric router-lsa on-shutdown 60
!
! Interface Performance Tuning
!
interface eth0
 ip ospf hello-interval 3
 ip ospf dead-interval 12
 ip ospf retransmit-interval 3
 ip ospf transmit-delay 1
!
! BGP Performance
!
router bgp 65001
 bgp bestpath as-path multipath-relax
 bgp graceful-restart
 bgp graceful-restart stalepath-time 300
!
! Opaque LSA and MPLS-TE Support
!
router ospf
 capability opaque
 mpls-te on
 mpls-te router-address 10.0.0.1

Verify your setup

Run these commands to verify your OSPF multi-area implementation is working correctly:

# Check OSPF neighbors in all areas
sudo vtysh -c "show ip ospf neighbor detail"

# Verify area configurations
sudo vtysh -c "show ip ospf area"

# Check routing table and route sources
sudo vtysh -c "show ip route ospf"
sudo vtysh -c "show ip route bgp"

# Verify LSA database by area
sudo vtysh -c "show ip ospf database area 0.0.0.0"
sudo vtysh -c "show ip ospf database area 0.0.0.1"

# Check route redistribution
sudo vtysh -c "show ip ospf database external"
sudo vtysh -c "show ip bgp neighbors advertised-routes"

# Verify authentication status
sudo vtysh -c "show ip ospf interface detail"

# Test connectivity between areas
ping -c 4 192.168.1.1
ping -c 4 192.168.2.1
ping -c 4 203.0.113.10

# Run health check script
sudo /usr/local/bin/ospf-health-check.sh

Common issues

| Symptom | Cause | Fix |
|---|---|---|
| No OSPF neighbors forming | Authentication mismatch or network type | sudo vtysh -c "debug ospf packet hello" and check authentication keys |
| Routes not redistributing between OSPF and BGP | Missing or incorrect route maps | Verify route-map configuration with show route-map |
| Area 0 not reachable | Missing backbone connectivity | Configure virtual-link or add physical backbone connection |
| Stub area receiving external LSAs | Area type misconfiguration | Verify area stub configuration on all routers in area |
| High CPU usage during convergence | SPF timer values too aggressive | Increase SPF throttling timers with timers throttle spf |
| Authentication failures | Key mismatch or expired keys | Check authentication keys with show ip ospf interface |
| NSSA external routes not propagating | Missing NSSA translator configuration | Configure area nssa translate-candidate on ABR |
