From: jl yan (yanjunling@hotmail.com)
Date: Thu Nov 21 2002 - 02:17:56 GMT-3
use redistribute connected subnets make sure the Loopback address in ospf
>From: "Cassidy D. Smith" <csmith@plannetconsulting.com>
>Reply-To: "Cassidy D. Smith" <csmith@plannetconsulting.com>
>To: "'Jason Cash'" <cash2001@swbell.net>, <ccielab@groupstudy.com>
>Subject: RE: Ospf area authentication
>Date: Wed, 20 Nov 2002 20:29:59 -0800
>
>We didn't get your attachment you will need to do it in ASCII. Or you can
>send it directly. I looked at your configs. I have a hint for you virtual
>links are "interfaces".
>
>-case
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
>Jason Cash
>Sent: Wednesday, November 20, 2002 7:45 PM
>To: ccielab@groupstudy.com
>Subject: Ospf area authentication
>
>
>I am running into a problem with authentication in ospf. RTR 3 and 5
>(AREA 5) are authenticating via ospf and see one another's routes.
>However, when I look at RTR1,2,4 the routes from 5 are not propagating
>to them (1,2,4). Attached is a pic of the topology and the configs for
>1,2,3,4,5. is there some type of redistribution that needs to occur
>from an authenticated area?
>
>
>
>
>
>r5#sh ip ro
>
> 153.1.0.0/16 is variably subnetted, 7 subnets, 3 masks
>O IA 153.1.203.0/24 [110/1294] via 153.1.53.67, 00:42:28, Serial1
>O E1 153.1.61.0/24 [110/1304] via 153.1.53.67, 00:42:28, Serial1
>O IA 153.1.43.0/25 [110/747] via 153.1.53.67, 00:42:28, Serial1
>O E1 153.1.66.0/24 [110/1304] via 153.1.53.67, 00:42:28, Serial1
>C 153.1.53.64/27 is directly connected, Serial1
>C 153.1.105.0/24 is directly connected, Loopback0
>O E1 153.1.101.0/24 [110/1304] via 153.1.53.67, 00:42:28, Serial1
>O E1 192.168.88.0/24 [110/1304] via 153.1.53.67, 00:42:29, Serial1
> 162.1.0.0/24 is subnetted, 1 subnets
>C 162.1.1.0 is directly connected, Ethernet0
>
>r3#sh ip ro
>
> 153.1.0.0/16 is variably subnetted, 11 subnets, 3 masks
>O IA 153.1.200.0/24 [110/1294] via 153.1.203.1, 00:42:47, Serial0
>C 153.1.203.0/24 is directly connected, Serial0
>O IA 153.1.204.0/24 [110/747] via 153.1.43.44, 00:42:47, Ethernet0
>O IA 153.1.1.0/24 [110/747] via 153.1.203.1, 00:42:47, Serial0
>O E1 153.1.61.0/24 [110/657] via 153.1.203.1, 00:42:47, Serial0
>C 153.1.43.0/25 is directly connected, Ethernet0
>O E1 153.1.66.0/24 [110/657] via 153.1.203.1, 00:42:47, Serial0
>C 153.1.53.64/27 is directly connected, Serial1
>O 153.1.105.0/24 [110/648] via 153.1.53.68, 00:42:48, Serial1
>O E1 153.1.101.0/24 [110/657] via 153.1.203.1, 00:42:48, Serial0
>C 153.1.103.0/24 is directly connected, Loopback0
>O E1 192.168.88.0/24 [110/657] via 153.1.203.1, 00:42:48, Serial0
> 162.1.0.0/24 is subnetted, 1 subnets
>O 162.1.1.0 [110/747] via 153.1.53.68, 00:42:49, Serial1
>
>r1#sh ip ro
>
> 153.1.0.0/16 is variably subnetted, 8 subnets, 2 masks
>C 153.1.200.0/24 is directly connected, Serial0.2
>C 153.1.203.0/24 is directly connected, Serial0.3
>C 153.1.204.0/24 is directly connected, Serial0.4
>C 153.1.1.0/24 is directly connected, Ethernet0
>C 153.1.61.0/24 is directly connected, Serial1
>O IA 153.1.43.0/25 [110/747] via 153.1.204.2, 00:46:01, Serial0.4
>R 153.1.66.0/24 [120/1] via 153.1.61.5, 00:00:17, Serial1
>C 153.1.101.0/24 is directly connected, Loopback0
>R 192.168.88.0/24 [120/1] via 153.1.61.5, 00:00:18, Serial1
>
>R1
>hostname r1
>!
>!
>username user1 password 7 105B1A1C1746
>username user2 privilege 2 password 7 001100031609
>username user3 privilege 15 password 7 111C0A000541
>ip subnet-zero
>no ip domain-lookup
>!
>!
>!
>!
>interface Loopback0
> ip address 153.1.101.1 255.255.255.0
> ip ospf network point-to-point
>!
>interface Ethernet0
> ip address 153.1.1.1 255.255.255.0
> no keepalive
> no cdp enable
>!
>interface Serial0
> no ip address
> encapsulation frame-relay
> no fair-queue
> no frame-relay inverse-arp
>!
>interface Serial0.2 point-to-point
> ip address 153.1.200.1 255.255.255.0
> ip ospf network point-to-point
> frame-relay interface-dlci 102
>!
>interface Serial0.3 point-to-point
> ip address 153.1.203.1 255.255.255.0
> ip ospf network point-to-point
> frame-relay interface-dlci 103
>!
>interface Serial0.4 point-to-point
> ip address 153.1.204.1 255.255.255.0
> ip ospf authentication-key cisco
> ip ospf network point-to-point
> frame-relay interface-dlci 104
>!
>interface Serial1
> ip address 153.1.61.6 255.255.255.0
>!
>interface BRI0
> no ip address
> encapsulation hdlc
> shutdown
>!
>router ospf 1
> log-adjacency-changes
> auto-cost reference-bandwidth 1000
> area 0 authentication
> area 2 virtual-link 153.1.102.1
> area 3 virtual-link 153.1.103.1
> redistribute rip metric 10 metric-type 1 subnets
> network 153.1.1.0 0.0.0.255 area 0
> network 153.1.200.0 0.0.0.255 area 2
> network 153.1.203.0 0.0.0.255 area 3
> network 153.1.204.0 0.0.0.255 area 0
>!
>router rip
> redistribute ospf 1 metric 2
> passive-interface Ethernet0
> passive-interface Loopback0
> passive-interface Serial0
> passive-interface Serial0.2
> passive-interface Serial0.3
> passive-interface Serial0.4
> network 153.1.0.0
>!
>no ip classless
>no ip http server
>!
>cdp timer 70
>cdp holdtime 210
>!
>alias exec shi sh ip int brief
>privilege exec level 1 show
>privilege exec level 2 show sessions
>privilege exec level 2 show users
>privilege exec level 2 disconnect
>privilege exec level 2 clear line
>!
>line con 0
> exec-timeout 60 0
> length 40
>line aux 0
>line vty 0 4
> login
>!
>end
>
>R2
>hostname r2
>!
>!
>ip subnet-zero
>no ip domain-lookup
>!
>!
>!
>!
>interface Loopback0
> ip address 153.1.102.1 255.255.255.0
>!
>interface Loopback1
> ip address 10.1.0.1 255.255.255.0
> ip ospf network point-to-point
>!
>interface Ethernet0
> ip address 10.1.1.1 255.255.255.0
> no ip route-cache
> no ip mroute-cache
> no keepalive
>!
>interface Serial0
> no ip address
> encapsulation frame-relay
> no ip route-cache
> no ip mroute-cache
> no frame-relay inverse-arp
> frame-relay lmi-type cisco
>!
>interface Serial0.1 point-to-point
> ip address 153.1.200.2 255.255.255.0
> no ip route-cache
> ip ospf network point-to-point
> no ip mroute-cache
> frame-relay interface-dlci 201
>!
>interface Serial1
> no ip address
> no ip route-cache
> no ip mroute-cache
> shutdown
>!
>router ospf 1
> log-adjacency-changes
> auto-cost reference-bandwidth 1000
> area 2 virtual-link 153.1.101.1
> area 10 range 10.1.0.0 255.255.254.0
> network 10.1.0.0 0.0.0.255 area 10
> network 10.1.1.0 0.0.0.255 area 10
> network 153.1.200.0 0.0.0.255 area 2
>!
>ip classless
>no ip http server
>!
>!
>alias exec shi sh ip int brief
>!
>line con 0
> exec-timeout 60 0
>line aux 0
> transport input all
>line vty 0 4
> login
>!
>
>R3
>hostname r3
>!
>!
>ip subnet-zero
>no ip domain-lookup
>!
>!
>key chain eigrp
> key 1
> key-string 7 0949470E0B15
>!
>!
>!
>interface Loopback0
> ip address 153.1.103.1 255.255.255.0
>!
>interface Ethernet0
> ip address 153.1.43.33 255.255.255.128
> no ip route-cache
> no ip mroute-cache
> no keepalive
>!
>interface Serial0
> ip address 153.1.203.2 255.255.255.0
> encapsulation frame-relay
> no ip route-cache
> ip ospf network point-to-point
> no ip mroute-cache
> frame-relay map ip 153.1.203.1 301 broadcast
> no frame-relay inverse-arp
> frame-relay lmi-type cisco
>!
>interface Serial1
> ip address 153.1.53.67 255.255.255.224
> no ip route-cache
> ip ospf message-digest-key 1 md5 cisco
> no ip mroute-cache
>!
>router ospf 1
> log-adjacency-changes
> auto-cost reference-bandwidth 1000
> area 3 virtual-link 153.1.101.1
> area 5 authentication message-digest
> network 153.1.43.0 0.0.0.127 area 34
> network 153.1.53.64 0.0.0.31 area 5
> network 153.1.203.0 0.0.0.255 area 3
>!
>ip classless
>no ip http server
>!
>!
>alias exec shi sh ip int brief
>!
>line con 0
> exec-timeout 60 0
>line aux 0
> transport input all
>line vty 0 4
> password 7 045802150C2E
> no login
>!
>
>R4
>hostname r4
>!
>!
>ip subnet-zero
>no ip domain-lookup
>!
>!
>!
>!
>interface Loopback0
> ip address 153.1.104.1 255.255.255.0
>!
>interface Ethernet0
> ip address 153.1.43.44 255.255.255.128
> no ip route-cache
> no ip mroute-cache
> no keepalive
>!
>interface Serial0
> no ip address
> encapsulation frame-relay
> no ip route-cache
> no ip mroute-cache
> no frame-relay inverse-arp
> frame-relay lmi-type cisco
>!
>interface Serial0.1 multipoint
> ip address 153.1.204.2 255.255.255.0
> no ip route-cache
> ip ospf authentication-key cisco
> ip ospf network point-to-point
> no ip mroute-cache
> frame-relay interface-dlci 401
>!
>interface Serial1
> no ip address
> no ip route-cache
> no ip mroute-cache
> shutdown
>!
>router ospf 1
> log-adjacency-changes
> auto-cost reference-bandwidth 1000
> area 0 authentication
> network 153.1.43.0 0.0.0.127 area 34
> network 153.1.204.0 0.0.0.255 area 0
>!
>ip classless
>no ip http server
>!
>!
>alias exec shi sh ip int brief
>!
>line con 0
> exec-timeout 60 0
>line aux 0
> transport input all
>line vty 0 4
> login
>!
>end
>
>R5
>hostname r5
>!
>!
>ip subnet-zero
>no ip domain-lookup
>!
>!
>key chain eigrp
> key 1
> key-string 7 104B001E1707
>!
>!
>!
>interface Loopback0
> ip address 153.1.105.1 255.255.255.0
> ip ospf network point-to-point
>!
>interface Ethernet0
> ip address 162.1.1.1 255.255.255.0
> no ip route-cache
> no ip mroute-cache
> no keepalive
>!
>interface Serial0
> no ip address
> no ip route-cache
> no ip mroute-cache
> shutdown
>!
>interface Serial1
> ip address 153.1.53.68 255.255.255.224
> no ip route-cache
> ip ospf message-digest-key 1 md5 7 104D000A0618
> no ip mroute-cache
> clockrate 500000
>!
>router ospf 1
> log-adjacency-changes
> auto-cost reference-bandwidth 1000
> area 5 authentication message-digest
> network 153.1.105.0 0.0.0.255 area 5
> network 0.0.0.0 255.255.255.255 area 5
>!
>ip classless
>no ip http server
>!
>!
>alias exec shi sh ip int brief
>!
>line con 0
> exec-timeout 60 0
>line aux 0
> transport input all
>line vty 0 4
> login
>!
>
>[GroupStudy.com removed an attachment of type image/jpeg which had a name
>of
>image001.jpg]
This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:23:08 GMT-3