From: Dawit Birhanu (dawit@xxxxxxxxxxxx)
Date: Wed Feb 23 2000 - 13:51:43 GMT-3
Hi Jack,
OSPF authentication type (simple password, MD5, or Null) has to be the
same throughout an area. The authentication key has to be the same on all
the interfaces attached to a given segment. However, authentication key
need not be the same throughout an area. You can alsp infer this from the
fact that, the authentication type is configured using the "area" command
in the router configuration; while the authentication key is configured
using "ip ospf" command in the interface configuration.
There is an example of different authentication keys used in the
OSPF Configuration Guide. I have included the URL below.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_c/1c
prt1/1cospf.htm#xtocid1313440
Dawit Birhanu
CCIE #5602
On Wed, 23 Feb 2000, Jack Chang wrote:
> Hi, all,
>
> Section 6.1 of 'OSPF DESIGN GUIDE'(http://www.cisco.com/warp/public/104/2.htm
l)
> mentioned that 'Simple password authentication allows a password(key) to be
> configured PER AREA. Routers in the same area that want to participate in the
> routing domain will have to be configured with the SAME KEY'.This means if yo
u
> want to use authentication under OSPF, then all the routers in the same area
> must be configured with authentication, and must use the same password.
>
> But in Terry's book 'Advanced IP Routing in Cisco Networks' page 185, there i
s
> an example showing that all three routers in the same area were configured wi
th
> authentication using Type 1, but only two neighbors using the same password,
as
> we can say R1 and R2 using password 'xxxx', R1 and R3 using password 'yyyy'.
>
> What's the point ?
>
> Thanks,
>
> Jack
>
> Internetworking Engineer
> CCNP,CCDP
> CCIE candidate
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:22:54 GMT-3