Friday, April 27, 2018

Are there any security concerns with OSPF packets?

My company is about to get a security audit next week and I'm trying to tighten up my network. I'm not sure if it's normal but I am getting OSPF Hello Packets on all of my VLAN interfaces. I only use OSPF on the main switch that talks to our core router. We usually do static routes at all of our locations so these packets only show up on this one network that uses OSPF. We only do static routes to adjacent IDFs in our buildings.

The switch is an HP 5820 running Comware 5 plugging into a Cisco 6880.

(Cisco)

!
interface TenGigabitEthernet5/6
 description te1/0/24
 ip address 128.66.0.1 255.255.255.252
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip pim sparse-mode
 ip policy route-map voip
!
router ospf 100
 router-id 128.66.0.10
 redistribute connected subnets
 redistribute static subnets
 network 0.0.0.0 255.255.255.255 area 0
 default-information originate

(HP)

#
interface Vlan-interface1
 description Default VLAN
 ip address 10.27.0.1 255.255.0.0
 dhcp select relay
 dhcp relay server-select 1
#
interface Vlan-interface100
 description Apple TV
 ip address 10.28.100.1 255.255.255.0
 dhcp select relay
 dhcp relay server-select 1
#
interface Ten-GigabitEthernet1/0/24
 port link-mode route
 description Uplink to Cisco6880 Te5/6 ip 128.66.0.1
 ip address 128.66.0.2 255.255.255.252
 sflow sampling-rate 1000
 sflow flow collector 1
 sflow counter interval 20
 sflow counter collector 1
#
ospf 100 router-id 128.66.0.2
 description external routing
 area 0.0.0.0
  network 0.0.0.0 255.255.255.255

I'm thinking the hello packet isn't that big of a deal. I was thinking of adding

ospf network-type p2p 

to the interface ten 1/0/24 on the HP 5820. I'm going to wait until after hours though before I try that.

The Cisco is owned by my ISP so I don't like making changes on it but I can if I have to. I'm more comfortable with HP Comware anyway.
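Added example, not part of the original post: a short Python audit check that lists which interfaces in a Comware-style configuration fall inside the OSPF `network` statements, using the wildcard-mask match that decides where OSPF runs and therefore where Hellos are sent. The sample config is constructed from the HP excerpt above, the function names are hypothetical, and the parser only understands `ip address` and Comware-style `network <address> <wildcard>` lines.

```python
import ipaddress
import re

# Constructed sample, trimmed from the HP Comware excerpt in the post above.
SAMPLE_CONFIG = """\
#
interface Vlan-interface1
 ip address 10.27.0.1 255.255.0.0
#
interface Vlan-interface100
 ip address 10.28.100.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/24
 ip address 128.66.0.2 255.255.255.252
#
ospf 100 router-id 128.66.0.2
 area 0.0.0.0
  network 0.0.0.0 255.255.255.255
#
"""

def parse_config(text):
    """Return ({interface: address}, [(network, wildcard)]) from the config text."""
    interfaces, networks, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
        elif line == "#" or line.startswith("ospf "):
            current = None  # left the interface view
        m = re.match(r"ip address (\S+) \S+$", line)
        if m and current:
            interfaces[current] = ipaddress.IPv4Address(m.group(1))
        m = re.match(r"network (\S+) (\S+)$", line)
        if m:
            networks.append(tuple(ipaddress.IPv4Address(g) for g in m.groups()))
    return interfaces, networks

def ospf_enabled_interfaces(text):
    """List interfaces whose address matches any OSPF network statement."""
    interfaces, networks = parse_config(text)
    enabled = []
    for name, addr in interfaces.items():
        for net, wildcard in networks:
            care = ~int(wildcard) & 0xFFFFFFFF  # wildcard bits set to 1 are ignored
            if int(addr) & care == int(net) & care:
                enabled.append(name)
                break
    return enabled
```

With the configuration as posted, every addressed interface matches; with a statement that covers only the uplink /30 (`network 128.66.0.0 0.0.0.3`), only Ten-GigabitEthernet1/0/24 does.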


