Which networks are the IS-IS and OSPF deployed on


The Intermediate System to Intermediate System routing protocol (IS-IS) is deployed on backbone networks. The open shortest path first (OSPF) is deployed on metropolitan area networks (MANs).

Other related questions:
Which OSPF interfaces require peers
You must configure peers on interfaces in the open shortest path first (OSPF) view, if the link type of the network is Non-Broadcast Multi-Access (NBMA).

Method used to configure IPSec on the AR where NAT and OSPF are deployed
Huawei AR routers support IPSec tunnels in networking where NAT and OSPF are deployed. For details, see "Example for Configuring GRE Over IPSec to Implement Communication Between the Branches and Headquarters and NAT to Implement Communication Between Branches (Running OSPF)" of "Using VPN to Implement WAN Interconnection" in Typical Configuration Examples.

Deployment locations of IS-IS and OSPF on a network
IS-IS is deployed on backbone networks and OSPF is deployed on MANs. OSPF is more suitable for MAN services in terms of the protocol itself. OSPF VPN extension can prevent loops on VPNs by default. You can also configure OSPF VPN extension not to prevent loops on VPNs. In this case, you can configure MCE for route isolation

The TE series endpoint often receives anonymous SIP calls when being deployed on the public network.
The TE series endpoint, which is deployed on the public network, often receives anonymous SIP calls. To resolve this issue, enable the whitelist function. After the whitelist is configured, only the IP address or segment in the whitelist can connect to the endpoint. If the whitelist is empty, any IP addresses can access the endpoint. You can configure the whitelist under System Settings > Whitelist. Troubleshooting: Upgrade the software to TEX0 V100R001C10SPC100 or later. 1. If the endpoint has been registered with a SIP server, the anti-attack policy is automatically enabled. If the IP address of the remote device that makes a call is not the IP address of the SIP server or the destination number of the incoming call is not the number of the endpoint, the endpoint automatically shields the call. 2. If the endpoint has not been registered with a SIP server, the anti-attack policy is disabled by default. To prevent the endpoint from being harassed, manually enable the anti-attack policy by running the mc EnableIPCall set off command.

Can VCNs be deployed as a cluster on different network segments?
No. Only VCNs on the same network segment can be deployed as a cluster.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top