You want to create multiple areas in OSPF.
Configure a new area (separate from the backbone area) under the VR OSPF hierarchy, and attach that area to an interface:
set vrouter "trust-vr"FIREWALL-A(trust-vr)->
set protocol ospfFIREWALL-A(trust-vr/ospf)->
set area 1FIREWALL-A(trust-vr/ospf)->
set interface ethernet0/0 protocol ospf area 1FIREWALL-A->
set interface ethernet0/0 protocol ospf enable
In the past, multiple-area topologies were required to scale OSPF, but today, most routers are powerful enough that multiple areas are not required. Another reason for implementing a multiarea topology is for route control and policies because only ABRs can control route propagation in OSPF. Redistributed routes normally have AS-wide flooding scope, but it is possible to contain them within special areas (see Recipe 16.5 and Recipe 16.6).
0 is always preconfigured in ScreenOS. To create an additional area, configure the area under the VR OSPF hierarchy and attach it to an interface. If multiple interfaces are configured in different areas, the device becomes an ABR. Here we configure a second area, area
1. FIREWALL-B becomes an ABR between the backbone area 0 and area 1 (see Figure 16-2).
If you want to change the area on an interface, you must first disable OSPF on that interface, switch the area, and then enable it again. You also must put that interface into ...