From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Mon Oct 18 2004 - 00:41:07 GMT-3
Sam,
OSPF does not have the concept of area authentication.
Authentication can be enabled using the "area X authentication
[message-digest]" command but this isn't AREA authentication.
RFC 2328:
<Quote>
The authentication type is configurable on a per-interface (or
equivalently, on a per-network/subnet) basis.
</Quote>
The area authentication command is just setting the
authentication type from null (type 0) to simple password (type 1) or
cryptographic (type 2) on all interfaces in that particular area. In
IOS version 12.0(8) Cisco added the command to enable authentication on
a per interface basis using the "ip ospf authentication [message-digest
| null]" command.
Technically if you want to be nit picky, the Cisco Press book is
wrong as all OSPF updates are authenticated by default ;-)
RFC 2328:
<Quote>
In addition, all OSPF routing protocol exchanges are authenticated.
</Quote>
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
samccie2004@yahoo.co.uk
Sent: Sunday, October 17, 2004 6:10 AM
To: studygroup
Subject: OSPF Authentication
Hi Group
In terms of wording, what would hint to AREA authentication instead of
INTERFACE authentication.
Based on Ciscopress practice Lab, when mentioning "authentication
updates", then authentication should be interface based.
Any comments
TIA
Sam
This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:49 GMT-3