From: Kevin Baumgartner (kbaumgar@xxxxxxxxx)
Date: Fri Feb 16 2001 - 00:45:53 GMT-3
>
> Need some advice;
>
> I have 3 routers and each router is connected via serial interface to a =
> Frame cloud. All the serial interface belongs to OSPF AREA 0. 2 of the =
> routers also have ethernet interfaces which belongs to OSPF AREA 1 and =
> the other belongs to OSPF AREA 2. I have setup OSPF MD5 authentication =
> between 2 routers only. All my OSPF routes have disappeared besides the =
> routes between the 2 routers that has MD5 enabled. All routers are =
> running the same OSPF process ID. My question is
>
> 1- Does MD5 authentication need to be setup on all my OSPF routers in =
> order for all routes to appear in all routers and why ??
Yes of course. All three routers are in Area 0. How did you expect the
two routers that are authenticating to trust the non-authenticating ospf
router? Every router in area 0 must do authentication or just turn
authentication off.
> 2- My thinking is, that the 2 routers with MD5 authentication should =
> authenticate with each other only and should still send route updates to =
> other routers regardless.
So they may do this, but why should the routers that have MD5 authentication
allow this router to become OSPF neighbors with them. That's the whole
purpose of using authentication. Don't allow non-authenticated routers
to become ospf neighbors and inject bogus ip routes into the ospf network.
Kevin
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:50 GMT-3