From: Edward Monk (emonk@xxxxxxx)
Date: Tue Aug 20 2002 - 23:45:37 GMT-3
These are two different issues although they have the area 0
authentication in common.
One issue is if you want Area 0 to propagate the routes correctly then
Ethernet interface needs authentication. Otherwise this interface will
not participate in OSPF routing.
2nd issue is making sure virtual-link has authentication so that the
area is now directly connected to area 0.
One is not dependant on the other.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Hunt Lee
Sent: Tuesday, August 20, 2002 7:36 PM
To: Edward Monk
Cc: ccielab@groupstudy.com
Subject: RE: CCO example on OSPF
Hello Edward,
Yes... I noticed that. But I still don't understand why u would need
it?? Especially, I tested out this evening again and the Virtual
Link is still authenticating without that command on RTA.
Help help!!!
Best Regards,
Hunt Lee
--- Edward Monk <emonk@att.net> wrote: > Hunt,
>
> If you notice the ethernet interface is part of Area 0 on router A.
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf Of
> Hunt Lee
> Sent: Tuesday, August 20, 2002 7:30 AM
> To: ccielab@groupstudy.com
> Subject: CCO example on OSPF
>
> Good morning,
>
> Before leaving my place this morning I had some spare time to play
> around w/some OSPF Virtual Link Authentication and found something
> interesting. This has probably been posted before, I might be the
> last to know about it, or I'm just flat out wrong and wasn't awake
> enough while I was playing.
>
> Anyway, I want to configure 'area 0 authentication' & 'area 1
> virtual-link x.x.x.x authentication-key cisco' on both router A &
> router C and decided to verify if the configs for OSPF Virtual-Link
> Authentication configuration on CCO was true.
>
> http://www.cisco.com/warp/public/104/27.html
>
>
> When I set up my configs as you see below I verified that both of
> those commands are correct, with one problem though. What I have
> found is that CCO has an extra command on Router A's Ethernet
> interface 'ip ospf authentication-key cisco', yet I couldn't
> understand what it is for. With or without this command, my
> Virtual
> Link (between Router A & Router C) still works.
>
> And the same thing happens on the MD5 config, where CCO puts a 'ip
> opsf message-digest-key 1 md5 cisco' on Router A's Ethernet
> interface.
>
> So tell me, is CCO wrong? Did I mis-configure something?
>
> Here is the partial diagram:
>
> ----- ------- ------
> | | | | | |
> | A | ------- | B | ------------ | C |
> | |10.1.1.0/30 | | 10.1.2.0/30 | |
> ----- ------- ------
> | |
> -------- -------
> 100.0.0.1/24 120.0.0.0/24
>
>
>
> Router A
> ---------
>
> router ospf 1
> router-id 1.1.1.1
> log-adjacency-changes
> area 0 authentication
> area 1 virtual-link 3.3.3.3 authentication-key test
> network 10.1.1.0 0.0.0.3 area 1
> network 100.0.0.0 0.255.255.255 area 0
>
> interface Ethernet0
> ip address 100.0.0.1 255.255.255.0
> ip ospf authentication-key cisco
>
>
> Router C
> ---------
>
> router ospf 3
> router-id 3.3.3.3
> log-adjacency-changes
> area 0 authentication
> area 1 virtual-link 1.1.1.1 authentication-key test
> network 10.1.2.0 0.0.0.3 area 1
> network 120.0.0.0 0.255.255.255 area 2
>
>
> http://digital.yahoo.com.au - Yahoo! Digital How To
> - Get the best out of your PC!
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:48:31 GMT-3