We are shortly upgrading some of our inter-site links from 1Gb to 10Gb. As part of that work I will be changing the reference bandwidth on the core switches from 2Gb to 100Gb (giving a bit of headroom over the 10GB circuits as we already have some 20GB links).
This is nice and easy all I have to do is enter the OSPF process and type auto-cost reference-bandwidth 100 Gbps.
However we also have a large number of ASA firewalls running as part of OSPF - these all seem to be using a reference bandwidth of 100Mbps. as you can see in the screen extract below PEG-VFW01/peg-dfg-vfw01# sh ospf
Routing Process "ospf 1" with ID 172.31.22.1 Start time: 17:03:37.230, Time elapsed: 6w1d (lines omitted) Reference bandwidth unit is 100 mbps
How can I change the reference bandwidth to 100Gbps. Looking at the cisco documentation it appears you can do that using OSPF V3 but as I am not running IPV6 I don't want or need to enable that.
An update to this one. After posting the question here, I also put it to my service company - who passed it onto TAC.
It is not possible to change it. Even on the latest ASA firmware (9.8) the limitation is still there. Obviously cisco don't expect firewalls to make OSPF routing decisions based on high bandwidth costs.
You could do it manually but that will be an admin pain....
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
ISE Node Terminology
Policy Administration Node
Monitoring & Troubleshooting Node
Policy Services Node
Platform Exchange Grid Node
The single plane of glass for ISE administration and configuration operatio...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...
About this Document
Cisco Secure Endpoint (formerly AMP for Endpoints) is a comprehensive Endpoint Security solution designed to function both as a stand-alone tool, and as a part of the architecture of natively integrated Cisco and 3rd par...