FW: Unexpected ospf authentication behavior

From: Jonathan V Hays (jhays@jtan.com)
Date: Fri Jul 25 2003 - 14:35:05 GMT-3

• Next message: Jung, Jin: "RE: 3550 - Voice Trunks?"
• Previous message: Jonathan V Hays: "RE: Unexpected ospf authentication behavior"
• Maybe in reply to: ccie2be: "Unexpected ospf authentication behavior"
• Next in thread: ccie2be: "Re: Unexpected ospf authentication behavior"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

In addition, if you have area authentication configured, you can
override it with a different authentication on the link. For example,
below I have configured area 1 with message-digest authentication, but I
have configured simple authentication on the frame-relay subinterface. I
have full adjacency across all frame relay connections.

interface Serial1.1 multipoint
 ip address 140.4.1.3 255.255.255.240
 ip ospf authentication
 ip ospf authentication-key 3com
!
!
router ospf 4
 area 1 authentication message-digest
 network 140.4.1.3 0.0.0.0 area 1

r3#sh ip ospf
 Routing Process "ospf 4" with ID 140.4.3.3
[output omitted]
    Area 1
        Number of interfaces in this area is 2
==> Area has message digest authentication <==
        SPF algorithm executed 14 times
        Area ranges are
           140.4.1.0/24 Active(64) Advertise
        Number of LSA 33. Checksum Sum 0xDEA6F
        Number of opaque link LSA 0. Checksum Sum 0x0
        Number of DCbitless LSA 0
        Number of indication LSA 0
        Number of DoNotAge LSA 0
        Flood list length 0

r3#sh ip ospf interface s1.1
Serial1.1 is up, line protocol is up
  Internet Address 140.4.1.3/28, Area 1
  Process ID 4, Router ID 140.4.3.3, Network Type NON_BROADCAST, Cost:
64
  Transmit Delay is 1 sec, State DR, Priority 255
  Designated Router (ID) 140.4.3.3, Interface address 140.4.1.3
  No backup designated router on this network
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:05
  Index 1/2, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 7, maximum is 11
  Last flood scan time is 4 msec, maximum is 8 msec
  Neighbor Count is 2, Adjacent neighbor count is 2
    Adjacent with neighbor 140.4.5.5
    Adjacent with neighbor 140.4.2.2
  Suppress hello for 0 neighbor(s)
=>Simple password authentication enabled <==
r3#

(Responding to your own posts is a bad habit to get into. ;-)

The Doc CD is not too clear on this capability but it is spelled out
clearly in Chapter 2 of Parkhurst's "Cisco OSPF Command and
Configuration Handbook".

Jonathan

• Next message: Jung, Jin: "RE: 3550 - Voice Trunks?"
• Previous message: Jonathan V Hays: "RE: Unexpected ospf authentication behavior"
• Maybe in reply to: ccie2be: "Unexpected ospf authentication behavior"
• Next in thread: ccie2be: "Re: Unexpected ospf authentication behavior"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Aug 06 2003 - 06:52:53 GMT-3