Monday, October 16, 2023

OSPF Route Map and Redistribution

Each protocol with Routemap support allows configuration of Import Routemaps and Export Routemaps.

A protocol's Import Routemaps govern which routes will be imported into the routing table from that protocol.

A protocol's Export Routemaps govern which routes from other routing protocols will be sent out with that protocol.

Within a routemap, the same procedure applies when checking individual routemap IDs: the IDs are checked from lowest to highest until a match is found. Therefore, more specific match conditions should have lower IDs or should be present in lower preference routemaps so that they are checked first, instead of being ignored in favor of less specific match conditions.

Configuring IPv4 OSPFv2 Router ID

  • Do not use the IP address 0.0.0.0 as the Router ID.

  • In a cluster, you must configure the Router ID to one of the Cluster Virtual IP addresses.

    In a Cluster, you must configure all the Cluster Members in the same way.


Configuring IPv4 OSPFv2 in Gaia Portal

  • In a Cluster, you must configure all the Cluster Members in the same way.

  • Start the OSPF configuration from Router ID (see Configuring IPv4 OSPFv2 Router ID).

  • Gaia Clish does not have commands for route filtering and redistribution. You must configure inbound routing policies and redistribution of routes through the Gaia Portal.

    You can configure route maps and route aggregation using Gaia Clish commands. Route map configuration done through the Gaia Clish takes precedence over route filtering and redistribution configured in the Gaia Portal. For example, if OSPF uses route maps for inbound filtering, anything configured in the Gaia Portal for inbound route filters for OSPF is ignored. You can still use the Gaia Portal to configure route redistribution into OSPF.


set interface eth1-01 comments "Inside OSPF (Area 4 - Regular)" 
set interface eth1-01 state on 
set interface eth1-01 auto-negotiation on 
set interface eth1-01 mtu 1500 
set interface eth1-01 ipv4-address 100.14.255.29 mask-length 29 

set router-id 100.14.255.28


OSPF  

set ospf instance default area backbone on
set ospf instance default area 0.0.0.4 on
set ospf instance default interface eth1-01 area 0.0.0.4 on
set ospf instance default interface eth1-01 priority 1

set ospf instance default interface eth1-01 authtype cryptographic key 1 algorithm md5 secret already_scrambled_Bm4JO9gDBWc=_00000000000000000000000000000000000000000000000000


set ospf instance default export-routemap static-to-ospf preference 4 on


set inbound-route-filter ospf2 instance default accept-all-ipv4
set inbound-route-filter rip accept-all-ipv4


ROUTE MAP

set routemap static-to-ospf id 4 on
set routemap static-to-ospf id 4 allow
set routemap static-to-ospf id 4 match network 10.114.32.0/19 all
set routemap static-to-ospf id 4 match protocol static

## The following items are listed under their respective command sets
## (e.g. "set bgp") and are displayed here for informational purposes:
# set ospf instance default export-routemap static-to-ospf preference 4 on
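
The lowest-to-highest, first-match ID check described above can hide a more specific entry behind a broader one, so a subnet meant to stay out of OSPF is redistributed anyway. The Python sketch below is an added example, not Check Point code or part of the original post: it models that evaluation for the page's static-to-ospf routemap and flags entries that can never fire. The ID 10 and ID 2 entries, the 10.114.40.0/24 subnet, and the simplified reading of the "all" and "exact" match types are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Entry:
    id: int
    action: str       # "allow" or "restrict"
    network: str      # prefix given to "match network"
    match_type: str   # assumed: "all" = prefix and more-specifics, "exact" = prefix only
    protocol: str = "static"

    def matches(self, route, protocol):
        net, rt = ipaddress.ip_network(self.network), ipaddress.ip_network(route)
        if protocol != self.protocol:
            return False
        return rt == net if self.match_type == "exact" else rt.subnet_of(net)

def evaluate(entries, route, protocol="static"):
    """Return (id, action) of the first match, lowest ID first; None if nothing matches."""
    for e in sorted(entries, key=lambda e: e.id):
        if e.matches(route, protocol):
            return e.id, e.action
    return None

def shadowed(entries):
    """Return (dead_id, covering_id) pairs: entries fully covered by a lower ID."""
    ordered, dead = sorted(entries, key=lambda e: e.id), []
    for i, e in enumerate(ordered):
        for prev in ordered[:i]:
            covers = prev.match_type == "all" or e.match_type == "exact"
            if covers and prev.matches(e.network, e.protocol):
                dead.append((e.id, prev.id))
                break
    return dead

# ID 4 is the page's entry; ID 10 and ID 2 are constructed for this example.
PAGE_ENTRY = Entry(4, "allow", "10.114.32.0/19", "all")
WEAK = [PAGE_ENTRY, Entry(10, "restrict", "10.114.40.0/24", "all")]
FIXED = [Entry(2, "restrict", "10.114.40.0/24", "all"), PAGE_ENTRY]

if __name__ == "__main__":
    for name, rm in (("weak", WEAK), ("fixed", FIXED)):
        print(name, evaluate(rm, "10.114.40.0/24"), "shadowed:", shadowed(rm))
```

In the weak ordering the /24 is allowed by ID 4 before the restrict entry is ever reached; giving the restrict entry the lower ID fixes it without changing what the rest of the /19 does.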


Sunday, October 15, 2023

Implicit Rule

In every Security policy, the first ordered layer must have its implicit cleanup rule set to "drop", and the second ordered layer must have its implicit cleanup rule set to "accept".

These are the defaults when creating policies and layers. Every layer has the implicit cleanup rule in its properties.

To modify the implied rules, edit the implied_rules.def file on the management server.

Implied rules are attached to the relevant context during policy installation. The implied rules that are selected to appear "first" are added to the first ordered layer in the policy.

The implied rules that are selected to appear "before last" or "last" are added to all the layers.