Filter
Top Products
Chapter 5 Configuring Firewall Load Balancing
Configuring FWLB
5-6
Cisco Content Services Switch Security Configuration Guide
OL-5650-02
• index - An existing index number for the firewall route. For information on
configuring a firewall index, see the ip firewall command.
• distance - The optional administrative distance. Enter an integer from 1 to
254. A smaller number is preferable. The default value is 1.
Note The CLI prevents you from configuring IP static routes that are firewall routes
and IP static routes that are not firewall routes with the same destination addresses
and administrative costs. Make either the costs or the addresses unique between
firewall and non-firewall routes.
For example:
(config)# ip route 192.168.2.0/24 firewall 1 2
To remove a firewall route, enter:
(config)# no ip route 192.168.2.0/24 firewall 1
Configuring OSPF to Advertise Firewall Routes
To advertise firewall routes from other protocols through OSPF, use the ospf
redistribute firewall command. Redistribution of these routes makes them OSPF
external routes.
You can optionally:
• Define the network cost for the route by including the metric option. Enter a
number from 1 to 16,777,215
. The default is 1.
• Define a 32-bit tag value to advertise each external route by including the tag
option. You can use it to communicate information between autonomous
system boundary routers (ASBRs).
• Advertise the routes as ASE type1 by including the type1 option. The default
is ASE type2. The difference between type1 and type2 is how the cost is
calculated. For a type2 ASE, only the external cost (metric) is considered
when comparing multiple paths to the same destination. For type1 ASE, the
combination of the external cost and the cost to reach the ASBR is used.
For example:
(config)# ospf redistribute firewall metric 3 type1