From: Jason Cash (cash2001@swbell.net)
Date: Thu Nov 21 2002 - 02:17:02 GMT-3
Well, apparently, Area 5 (R3,5) is not rcv'g routes from Area 0 (due to
authentication) and Area0 (1,4) is not rcv'g Area5's routes. This is a
crude topology. The configs show md5 auth b/w R3,5 and clear text
auth. On Area0 A0.
R5
|(A5)
(A10) |
R2 R3
\ /
(A2)\ (A3)/
\ /
/ \
/ \
/ (A0) \
R1 R4
-----Original Message-----
From: Cassidy D. Smith [mailto:csmith@plannetconsulting.com]
Sent: Wednesday, November 20, 2002 10:30 PM
To: 'Jason Cash'; ccielab@groupstudy.com
Subject: RE: Ospf area authentication
We didn't get your attachment you will need to do it in ASCII. Or you
can
send it directly. I looked at your configs. I have a hint for you
virtual
links are "interfaces".
-case
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Jason Cash
Sent: Wednesday, November 20, 2002 7:45 PM
To: ccielab@groupstudy.com
Subject: Ospf area authentication
I am running into a problem with authentication in ospf. RTR 3 and 5
(AREA 5) are authenticating via ospf and see one another's routes.
However, when I look at RTR1,2,4 the routes from 5 are not propagating
to them (1,2,4). Attached is a pic of the topology and the configs for
1,2,3,4,5. is there some type of redistribution that needs to occur
from an authenticated area?
r5#sh ip ro
153.1.0.0/16 is variably subnetted, 7 subnets, 3 masks
O IA 153.1.203.0/24 [110/1294] via 153.1.53.67, 00:42:28, Serial1
O E1 153.1.61.0/24 [110/1304] via 153.1.53.67, 00:42:28, Serial1
O IA 153.1.43.0/25 [110/747] via 153.1.53.67, 00:42:28, Serial1
O E1 153.1.66.0/24 [110/1304] via 153.1.53.67, 00:42:28, Serial1
C 153.1.53.64/27 is directly connected, Serial1
C 153.1.105.0/24 is directly connected, Loopback0
O E1 153.1.101.0/24 [110/1304] via 153.1.53.67, 00:42:28, Serial1
O E1 192.168.88.0/24 [110/1304] via 153.1.53.67, 00:42:29, Serial1
162.1.0.0/24 is subnetted, 1 subnets
C 162.1.1.0 is directly connected, Ethernet0
r3#sh ip ro
153.1.0.0/16 is variably subnetted, 11 subnets, 3 masks
O IA 153.1.200.0/24 [110/1294] via 153.1.203.1, 00:42:47, Serial0
C 153.1.203.0/24 is directly connected, Serial0
O IA 153.1.204.0/24 [110/747] via 153.1.43.44, 00:42:47, Ethernet0
O IA 153.1.1.0/24 [110/747] via 153.1.203.1, 00:42:47, Serial0
O E1 153.1.61.0/24 [110/657] via 153.1.203.1, 00:42:47, Serial0
C 153.1.43.0/25 is directly connected, Ethernet0
O E1 153.1.66.0/24 [110/657] via 153.1.203.1, 00:42:47, Serial0
C 153.1.53.64/27 is directly connected, Serial1
O 153.1.105.0/24 [110/648] via 153.1.53.68, 00:42:48, Serial1
O E1 153.1.101.0/24 [110/657] via 153.1.203.1, 00:42:48, Serial0
C 153.1.103.0/24 is directly connected, Loopback0
O E1 192.168.88.0/24 [110/657] via 153.1.203.1, 00:42:48, Serial0
162.1.0.0/24 is subnetted, 1 subnets
O 162.1.1.0 [110/747] via 153.1.53.68, 00:42:49, Serial1
r1#sh ip ro
153.1.0.0/16 is variably subnetted, 8 subnets, 2 masks
C 153.1.200.0/24 is directly connected, Serial0.2
C 153.1.203.0/24 is directly connected, Serial0.3
C 153.1.204.0/24 is directly connected, Serial0.4
C 153.1.1.0/24 is directly connected, Ethernet0
C 153.1.61.0/24 is directly connected, Serial1
O IA 153.1.43.0/25 [110/747] via 153.1.204.2, 00:46:01, Serial0.4
R 153.1.66.0/24 [120/1] via 153.1.61.5, 00:00:17, Serial1
C 153.1.101.0/24 is directly connected, Loopback0
R 192.168.88.0/24 [120/1] via 153.1.61.5, 00:00:18, Serial1
R1
hostname r1
!
!
username user1 password 7 105B1A1C1746
username user2 privilege 2 password 7 001100031609
username user3 privilege 15 password 7 111C0A000541
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 153.1.101.1 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0
ip address 153.1.1.1 255.255.255.0
no keepalive
no cdp enable
!
interface Serial0
no ip address
encapsulation frame-relay
no fair-queue
no frame-relay inverse-arp
!
interface Serial0.2 point-to-point
ip address 153.1.200.1 255.255.255.0
ip ospf network point-to-point
frame-relay interface-dlci 102
!
interface Serial0.3 point-to-point
ip address 153.1.203.1 255.255.255.0
ip ospf network point-to-point
frame-relay interface-dlci 103
!
interface Serial0.4 point-to-point
ip address 153.1.204.1 255.255.255.0
ip ospf authentication-key cisco
ip ospf network point-to-point
frame-relay interface-dlci 104
!
interface Serial1
ip address 153.1.61.6 255.255.255.0
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 1000
area 0 authentication
area 2 virtual-link 153.1.102.1
area 3 virtual-link 153.1.103.1
redistribute rip metric 10 metric-type 1 subnets
network 153.1.1.0 0.0.0.255 area 0
network 153.1.200.0 0.0.0.255 area 2
network 153.1.203.0 0.0.0.255 area 3
network 153.1.204.0 0.0.0.255 area 0
!
router rip
redistribute ospf 1 metric 2
passive-interface Ethernet0
passive-interface Loopback0
passive-interface Serial0
passive-interface Serial0.2
passive-interface Serial0.3
passive-interface Serial0.4
network 153.1.0.0
!
no ip classless
no ip http server
!
cdp timer 70
cdp holdtime 210
!
alias exec shi sh ip int brief
privilege exec level 1 show
privilege exec level 2 show sessions
privilege exec level 2 show users
privilege exec level 2 disconnect
privilege exec level 2 clear line
!
line con 0
exec-timeout 60 0
length 40
line aux 0
line vty 0 4
login
!
end
R2
hostname r2
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 153.1.102.1 255.255.255.0
!
interface Loopback1
ip address 10.1.0.1 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0
ip address 10.1.1.1 255.255.255.0
no ip route-cache
no ip mroute-cache
no keepalive
!
interface Serial0
no ip address
encapsulation frame-relay
no ip route-cache
no ip mroute-cache
no frame-relay inverse-arp
frame-relay lmi-type cisco
!
interface Serial0.1 point-to-point
ip address 153.1.200.2 255.255.255.0
no ip route-cache
ip ospf network point-to-point
no ip mroute-cache
frame-relay interface-dlci 201
!
interface Serial1
no ip address
no ip route-cache
no ip mroute-cache
shutdown
!
router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 1000
area 2 virtual-link 153.1.101.1
area 10 range 10.1.0.0 255.255.254.0
network 10.1.0.0 0.0.0.255 area 10
network 10.1.1.0 0.0.0.255 area 10
network 153.1.200.0 0.0.0.255 area 2
!
ip classless
no ip http server
!
!
alias exec shi sh ip int brief
!
line con 0
exec-timeout 60 0
line aux 0
transport input all
line vty 0 4
login
!
R3
hostname r3
!
!
ip subnet-zero
no ip domain-lookup
!
!
key chain eigrp
key 1
key-string 7 0949470E0B15
!
!
!
interface Loopback0
ip address 153.1.103.1 255.255.255.0
!
interface Ethernet0
ip address 153.1.43.33 255.255.255.128
no ip route-cache
no ip mroute-cache
no keepalive
!
interface Serial0
ip address 153.1.203.2 255.255.255.0
encapsulation frame-relay
no ip route-cache
ip ospf network point-to-point
no ip mroute-cache
frame-relay map ip 153.1.203.1 301 broadcast
no frame-relay inverse-arp
frame-relay lmi-type cisco
!
interface Serial1
ip address 153.1.53.67 255.255.255.224
no ip route-cache
ip ospf message-digest-key 1 md5 cisco
no ip mroute-cache
!
router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 1000
area 3 virtual-link 153.1.101.1
area 5 authentication message-digest
network 153.1.43.0 0.0.0.127 area 34
network 153.1.53.64 0.0.0.31 area 5
network 153.1.203.0 0.0.0.255 area 3
!
ip classless
no ip http server
!
!
alias exec shi sh ip int brief
!
line con 0
exec-timeout 60 0
line aux 0
transport input all
line vty 0 4
password 7 045802150C2E
no login
!
R4
hostname r4
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 153.1.104.1 255.255.255.0
!
interface Ethernet0
ip address 153.1.43.44 255.255.255.128
no ip route-cache
no ip mroute-cache
no keepalive
!
interface Serial0
no ip address
encapsulation frame-relay
no ip route-cache
no ip mroute-cache
no frame-relay inverse-arp
frame-relay lmi-type cisco
!
interface Serial0.1 multipoint
ip address 153.1.204.2 255.255.255.0
no ip route-cache
ip ospf authentication-key cisco
ip ospf network point-to-point
no ip mroute-cache
frame-relay interface-dlci 401
!
interface Serial1
no ip address
no ip route-cache
no ip mroute-cache
shutdown
!
router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 1000
area 0 authentication
network 153.1.43.0 0.0.0.127 area 34
network 153.1.204.0 0.0.0.255 area 0
!
ip classless
no ip http server
!
!
alias exec shi sh ip int brief
!
line con 0
exec-timeout 60 0
line aux 0
transport input all
line vty 0 4
login
!
end
R5
hostname r5
!
!
ip subnet-zero
no ip domain-lookup
!
!
key chain eigrp
key 1
key-string 7 104B001E1707
!
!
!
interface Loopback0
ip address 153.1.105.1 255.255.255.0
ip ospf network point-to-point
!
interface Ethernet0
ip address 162.1.1.1 255.255.255.0
no ip route-cache
no ip mroute-cache
no keepalive
!
interface Serial0
no ip address
no ip route-cache
no ip mroute-cache
shutdown
!
interface Serial1
ip address 153.1.53.68 255.255.255.224
no ip route-cache
ip ospf message-digest-key 1 md5 7 104D000A0618
no ip mroute-cache
clockrate 500000
!
router ospf 1
log-adjacency-changes
auto-cost reference-bandwidth 1000
area 5 authentication message-digest
network 153.1.105.0 0.0.0.255 area 5
network 0.0.0.0 255.255.255.255 area 5
!
ip classless
no ip http server
!
!
alias exec shi sh ip int brief
!
line con 0
exec-timeout 60 0
line aux 0
transport input all
line vty 0 4
login
!
[GroupStudy.com removed an attachment of type image/jpeg which had a
name of
image001.jpg]
This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:23:08 GMT-3