From: Ian.C.Stong@xxxxxxxxxxxxxxx
Date: Thu May 23 2002 - 15:53:38 GMT-3
I've come across some confusion regarding authentication and virtual
links with OSPF. It seems to work two different ways with
authentication key parameters specified as well as without. Lab 20 is
an example using authentication.
So to further explain my question let me lay out a scenario and hope for
some input into the whats and whys.....
Scenario 1
MD5 authentication in area 0 only. Networks - 192.168.x.0/24 via e0's
R3 --- area 2 --- R2 --- area 1 --- R1 --- area 0 --- R0
192.168.3.2 -- .3.1 | .2.2 -- .2.1 | .1.1 -- .1.0
So the obvious is area 2 needs a virtual link through area 1 and note
that area 0 is using md5 authentication - config follows:
R3
router ospf 1
net 192.168.3.0 0.0.0.255 area 2
R2
router ospf 1
net 192.168.3.0 0.0.0.255 area 2
net 192.168.2.0 0.0.0.255 area 1
area 1 virtual-link 192.168.2.1
area 0 authentication message-digest
R1
int e0
ip ospf message-digest-key 1 md5 cisco
router ospf 1
net 192.168.2.0 0.0.0.255 area 1
net 192.168.1.0 0.0.0.255 area 0
area 0 authentication message-digest
area 1 virtual-link 192.168.2.2
R0
int e0
ip ospf message-digest-key 1 md5 cisco
router ospf 1
net 192.168.1.0 0.0.0.255 area 0
area 0 authentication message-digest
Using this scenario R3 is able to see OSPF data from router 1.
I've also seen this work by adding key information on the virtual-link
line.
So R2 would be: area 1 virtual-link 192.168.2.1 message-digest-key 1
md5 cisco
and R1 would be: area 1 virtual-link 192.168.2.2 message-digest-key 1
md5 cisco
This scenario works as well. So the confusion..........
Ideas?????
Thanks
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:07 GMT-3