Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
agodbole
Staff
Staff

Created on ‎02-13-2018 11:40 PM Edited on ‎04-14-2025 05:29 AM By Moderator

Article Id 189801

Technical Tip: Basic OSPF configuration and MTU settings in OSPF

Description

 
This article describes basic OSPF configuration on FortiOS and the behavior of default MTU settings.
  • FortiOS supports OSPF routing protocol. This article is intended to demonstrate the minimal configuration required for OSPF and explain the default behavior of MTU values under OSPF configuration.
  • MTU (Maximum Transmission Unit) is the size (in bytes or octets) of the largest protocol data unit that the layer can accept.
  • Normal Ethernet frames accept an MTU value of ~1500 bytes.

 

Scope

 

FortiGate.


Solution

 

Default OSPF configuration.

In FortiOS, OSPF configuration is simple and can be done in 3 sub hierarchies under the 'router ospf' hierarchy after defining the 'router-id'.

OSPF configuration consists of 3 basic hierarchies:
 
  1. Area Configuration.
  2. Interface Configuration.
  3. Network Configuration.

Area Configuration:

config area
    edit  <a.b.c.d>
    next
end

Interface Configuration:

config ospf-interface
    edit "new"
        set interface "XXXX"
    next
end

Network Configuration:

config network
    edit X
        set prefix <p.q.r.s> <subnet mask>
    next
end

Default MTU value and CLI option to change it.

MTU value is one crucial element to be matched to establish the adjacency of OSPF. MTU values are exchanged in the Hello packets between 2 OSPF speaking routers.

OSPF Adjacency is established only when the MTU values of the two routers are matched. By default, the MTU configuration option is available under config router -> config ospf-interface hierarchy.

FortiOS supports a default MTU value of 1500 on all FortiOS versions.

Examples to manually configure MTU value in OSPF:

The default values of all the parameters can be seen by checking the 'full-configuration'. For example:

FGT (ospf) # sh full-configuration
config ospf-interface
    edit "ospf"
        ...
            set mtu 0     <--
        ...
    next
end

The default value of MTU size under the OSPF interface is seen as '0'. This implies that ospf-interface does not change the default MTU value of 1500.

To change this value, edit 'set mtu' under the ospf-interface hierarchy. For example:

 

config ospf-interface

    edit "XXX"
        set mtu <1436>

 

MTU can also be ignored:

 

config router ospf
    config ospf-interface
        edit int_1
            set mtu-ignore enable
    end
end

 

Configure the MTU value at the Interface:

 

Note:

This configuration is necessary when jumbo frame is enabled on the neighbor's interface. Since FortiGate does not support Jumbo frames by default (as the default MTU is 1500), it has to be enabled at the interface level by using an MTU size of 9000+ on the interface that is participating in the OSPF configuration.

 

config system interface

    edit port <x>

        set mtu-override enable

        set mtu 9216 <----- MTU Value.

    end

end

 

 

Related articles:

13562
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.