From: Brian Dennis (brian@labforge.com)
Date: Wed Jun 18 2003 - 17:30:20 GMT-3
The virtual link will use the authentication type configured for area 0
and not the transit area. You can of course override the area
authentication for the virtual link just like you can with an interface.
Also the "area X authentication" command is just setting the
authentication type for the area. It doesn't actually authenticate. You
need to apply the authentication key under the interface. Also as you
stated you can override the authentication configured with the "area X
authentication" command by using the "ip ospf authentication <null |
message-digest>" interface command.
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Nathan Chessin
Sent: Wednesday, June 18, 2003 12:19 PM
To: ccielab@groupstudy.com
Subject: ospf area authentication
Hi All.
When configuring area authentication in OSPF, it looks to me like
interfaces
that are put in that area are inheriting the authentication by default.
For instance, if I have simple authentication in area 245 enabled, and I
have a bri interface in that area, it will inherit the simple
authentication
parameters even though I don't explicitly state "ip ospf authentication"
or
"ip ospf authentication-key xxxxx"
Is this correct thinking and correct behavior. Oh, and I do have a
virtual
link transiting area 245 with simple authentication as well.
Any help?
Thanks,
Nate
This archive was generated by hypermail 2.1.4 : Fri Jul 04 2003 - 11:11:00 GMT-3