RE: Physical/multipoing Serial OSPF authentication different

From: JB (barrerj1@hotmail.com)
Date: Tue Oct 05 2004 - 18:44:11 GMT-3

• Next message: ccie2be: "Re: Physical/multipoing Serial OSPF authentication different"
• Previous message: ccie2be: "Re: CAR vs Police"
• Maybe in reply to: Bhagwanani, Pankaj: "Physical/multipoing Serial OSPF authentication different"
• Next in thread: ccie2be: "Re: Physical/multipoing Serial OSPF authentication different"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I got it working...

R5 authenticate R2 with password2
R5 authenticate R4 with password4

Ip ospf network point-to mu

Rack2R5#sh run int s0/0.245
Building configuration...

Current configuration : 336 bytes
!
interface Serial0/0.245 multipoint
 ip address 136.2.245.5 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 2 md5 password2
 ip ospf message-digest-key 4 md5 password4
 ip ospf network point-to-multipoint
 frame-relay map ip 136.2.245.2 502 broadcast
 frame-relay map ip 136.2.245.4 504 broadcast

!
!
Neighbor ID Pri State Dead Time Address Interface
150.2.4.4 0 FULL/ - 00:01:46 136.2.245.4
Serial0/0.245
150.2.2.2 0 FULL/ - 00:01:36 136.2.245.2
Serial0/0.245
150.2.1.1 0 FULL/ - 00:00:35 136.2.15.1
Serial0/0.15

Rack2R2#sh run int s0/0
Building configuration...

Current configuration : 286 bytes
!
interface Serial0/0
 ip address 136.2.245.2 255.255.255.0
 encapsulation frame-relay
 ip ospf authentication message-digest
 ip ospf message-digest-key 2 md5 password2
 ip ospf network point-to-multipoint
 frame-relay map ip 136.2.245.5 205 broadcast
 no frame-relay inverse-arp
end

Rack2R2#sh ip os
Rack2R2#sh ip ospf nei
Rack2R2#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
150.2.5.5 0 FULL/ - 00:01:31 136.2.245.5 Serial0/0

Rack2R4#sh run int s0/0
Building configuration...

Current configuration : 286 bytes
!
interface Serial0/0
 ip address 136.2.245.4 255.255.255.0
 encapsulation frame-relay
 ip ospf authentication message-digest
 ip ospf message-digest-key 4 md5 password4
 ip ospf network point-to-multipoint
 frame-relay map ip 136.2.245.5 405 broadcast
 no frame-relay inverse-arp
end

Rack2R4#sh ip os
Rack2R4#sh ip ospf nei
Rack2R4#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
150.2.5.5 0 FULL/ - 00:01:37 136.2.245.5 Serial0/0

Performed
Clear ip ospf proccess:

Rack2R5#clear ip ospf process
Reset ALL OSPF processes? [no]: y
Rack2R5#
Rack2R5#
Rack2R5#
Rack2R5#
Rack2R5#
Rack2R5#
Rack2R5#
*Mar 1 20:47:16.770: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.4.4 on
Serial0/0.245 from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 1 20:47:16.770: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.2.2 on
Serial0/0.245 from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 1 20:47:16.770: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.1.1 on
Serial0/0.15 from FULL to DOWN, Neighbor Down: Interface down or detached
Rack2R5#
Rack2R5#
Rack2R5#
Rack2R5#
Rack2R5#
*Mar 1 20:47:18.558: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.1.1 on
Serial0/0.15 from LOADING to FULL, Loading Done
Rack2R5#sh ip os
Rack2R5#sh ip ospf nei
Rack2R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
150.2.2.2 0 EXSTART/ - 00:01:58 136.2.245.2
Serial0/0.245
150.2.1.1 0 FULL/ - 00:00:38 136.2.15.1
Serial0/0.15
Rack2R5#
*Mar 1 20:47:43.786: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.2.2 on
Serial0/0.245 from LOADING to FULL, Loading Done
Rack2R5#sh ip ospf neighbor
*Mar 1 20:47:46.602: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.4.4 on
Serial0/0.245 from LOADING to FULL, Loading Done
Rack2R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
150.2.4.4 0 FULL/ - 00:01:58 136.2.245.4
Serial0/0.245
150.2.2.2 0 FULL/ - 00:01:58 136.2.245.2
Serial0/0.245
150.2.1.1 0 FULL/ - 00:00:39 136.2.15.1
Serial0/0.15

Sessions are established:

Debug adjacencies

I can see the exchange of the respective keys:

Rack2R5#debug ip ospf ?
  adj OSPF adjacency events
  database-timer OSPF database timer
  events OSPF events
  flood OSPF flooding
  hello OSPF hello events
  lsa-generation OSPF lsa generation
  mpls OSPF MPLS
  nsf OSPF non-stop forwarding events
  packet OSPF packets
  retransmission OSPF retransmission events
  spf OSPF spf
  tree OSPF database tree

Rack2R5#debug ip ospf ad
Rack2R5#debug ip ospf adj
OSPF adjacency events debugging is on
Rack2R5#clear ip os
Rack2R5#clear ip ospf pro
Rack2R5#clear ip ospf process
Reset ALL OSPF processes? [no]: y
Rack2R5#
Rack2R5#
*Mar 1 20:49:42.658: OSPF: Send with key 2
*Mar 1 20:49:42.658: OSPF: Send with key 4
*Mar 1 20:49:42.698: OSPF: Interface Serial0/0.245 going Down
*Mar 1 20:49:42.698: OSPF: 150.2.5.5 address 136.2.245.5 on Serial0/0.245
is dead, state DOWN
*Mar 1 20:49:42.698: OSPF: 150.2.4.4 address 136.2.245.4 on Serial0/0.245
is dead, state DOWN
*Mar 1 20:49:42.698: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.4.4 on
Serial0/0.245 from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 1 20:49:42.698: OSPF: 150.2.2.2 address 136.2.245.2 on Serial0/0.245
is dead, state DOWN
*Mar 1 20:49:42.698: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.2.2 on
Serial0/0.245 from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 1 20:49:42.698: OSPF: Interface Serial0/0.15 going Down
*Mar 1 20:49:42.698: OSPF: 150.2.5.5 address 136.2.15.5 on Serial0/0.15 is
dead, state DOWN
*Mar 1 20:49:42.698: OSPF: 150.2.1.1 address 136.2.15.1 on Serial0/0.15 is
dead, state DOWN
*Mar 1 20:49:42
Rack2R5#
Rack2R5#
Rack2R5#.698: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.1.1 on Serial0/0.15
from FULL to DOWN, Neighbor Down: Interface down or detached
*Mar 1 20:49:42.710: OSPF: Interface Serial0/0.245 going Up
*Mar 1 20:49:42.710: OSPF: Send with youngest Key 4
*Mar 1 20:49:42.710: OSPF: Interface Serial0/0.15 going Up
*Mar 1 20:49:43.198: OSPF: Build router LSA for area 0, router ID
150.2.5.5, seq 0x80000001
Rack2R5#
*Mar 1 20:49:48.178: OSPF: 2 Way Communication to 150.2.1.1 on
Serial0/0.15, state 2WAY
*Mar 1 20:49:48.178: OSPF: Send DBD to 150.2.1.1 on Serial0/0.15 seq 0x552
opt 0x52 flag 0x7 len 32
*Mar 1 20:49:48.274: OSPF: Rcv DBD from 150.2.1.1 on Serial0/0.15 seq
0x14C2 opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Mar 1 20:49:48.274: OSPF: First DBD and we are not SLAVE
*Mar 1 20:49:48.306: OSPF: Rcv DBD from 150.2.1.1 on Serial0/0.15 seq 0x552
opt 0x52 flag 0x2 len 132 mtu 1500 state EXSTART
*Mar 1 20:49:48.306: OSPF: NBR Negotiation Done. We are the MASTER
*Mar 1 20:49:48.310: OSPF: Send DBD to 150.2.1.1 on Serial0/0.15 seq 0x553
opt 0x52 flag 0x3 len 52
*Mar 1 20:49:48.310: OSPF: Database request to 150.2.1.1
*Mar 1 20:49:48.310: OSPF: sent LS REQ packet to 136.2.15.1, length 60
*Mar 1 20:49:48.474: OSPF: Rcv DBD from 150.2.1.1 on Serial0/0.15 seq 0x553
opt 0x52 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 20:49:48.474: OSPF: Send DBD to 150.2.1.1 on Seri
Rack2R5#al0/0.15 seq 0x554 opt 0x52 flag 0x1 len 32
*Mar 1 20:49:48.574: OSPF: Rcv DBD from 150.2.1.1 on Serial0/0.15 seq 0x554
opt 0x52 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 20:49:48.574: OSPF: Exchange Done with 150.2.1.1 on Serial0/0.15
*Mar 1 20:49:48.574: OSPF: Synchronized with 150.2.1.1 on Serial0/0.15,
state FULL
*Mar 1 20:49:48.574: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.1.1 on
Serial0/0.15 from LOADING to FULL, Loading Done
Rack2R5#
*Mar 1 20:49:49.074: OSPF: Build router LSA for area 0, router ID
150.2.5.5, seq 0x80000002
Rack2R5#
*Mar 1 20:49:54.634: OSPF: Build router LSA for area 0, router ID
150.2.5.5, seq 0x8000001C
Rack2R5#
*Mar 1 20:50:08.526: OSPF: 2 Way Communication to 150.2.2.2 on
Serial0/0.245, state 2WAY
*Mar 1 20:50:08.526: OSPF: Send DBD to 150.2.2.2 on Serial0/0.245 seq 0xDDC
opt 0x52 flag 0x7 len 32
*Mar 1 20:50:08.526: OSPF: Send with key 2
*Mar 1 20:50:08.530: OSPF: Send with key 4
*Mar 1 20:50:08.590: OSPF: Rcv DBD from 150.2.2.2 on Serial0/0.245 seq
0x1833 opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Mar 1 20:50:08.590: OSPF: First DBD and we are not SLAVE
Rack2R5#
*Mar 1 20:50:12.710: OSPF: Send with key 2
*Mar 1 20:50:12.710: OSPF: Send with key 4
*Mar 1 20:50:13.530: OSPF: Send DBD to 150.2.2.2 on Serial0/0.245 seq 0xDDC
opt 0x52 flag 0x7 len 32
*Mar 1 20:50:13.530: OSPF: Send with key 2
*Mar 1 20:50:13.530: OSPF: Send with key 4
*Mar 1 20:50:13.530: OSPF: Retransmitting DBD to 150.2.2.2 on Serial0/0.245
[1]
*Mar 1 20:50:13.586: OSPF: Rcv DBD from 150.2.2.2 on Serial0/0.245 seq
0x1833 opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Mar 1 20:50:13.586: OSPF: First DBD and we are not SLAVE
*Mar 1 20:50:13.626: OSPF: Rcv DBD from 150.2.2.2 on Serial0/0.245 seq
0xDDC opt 0x52 flag 0x2 len 132 mtu 1500 state EXSTART
*Mar 1 20:50:13.626: OSPF: NBR Negotiation Done. We are the MASTER
*Mar 1 20:50:13.626: OSPF: Send DBD to 150.2.2.2 on Serial0/0.245 seq 0xDDD
opt 0x52 flag 0x3 len 152
*Mar 1 20:50:13.626: OSPF: Send with key 2
*Mar 1 20:50:13.630: OSPF: Send with key 4
*Mar 1 20:50:13.630: OSPF: Send with key 2
*Mar
Rack2R5#1 20:50:13.630: OSPF: Send with key 4
*Mar 1 20:50:13.630: OSPF: Database request to 150.2.2.2
*Mar 1 20:50:13.630: OSPF: sent LS REQ packet to 136.2.245.2, length 12
*Mar 1 20:50:13.718: OSPF: Rcv DBD from 150.2.2.2 on Serial0/0.245 seq
0xDDD opt 0x52 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 20:50:13.718: OSPF: Send DBD to 150.2.2.2 on Serial0/0.245 seq 0xDDE
opt 0x52 flag 0x1 len 32
*Mar 1 20:50:13.722: OSPF: Send with key 2
*Mar 1 20:50:13.722: OSPF: Send with key 4
*Mar 1 20:50:13.730: OSPF: Send with key 2
*Mar 1 20:50:13.730: OSPF: Send with key 4
*Mar 1 20:50:13.782: OSPF: Rcv DBD from 150.2.2.2 on Serial0/0.245 seq
0xDDE opt 0x52 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 20:50:13.782: OSPF: Exchange Done with 150.2.2.2 on Serial0/0.245
*Mar 1 20:50:13.782: OSPF: Synchronized with 150.2.2.2 on Serial0/0.245,
state FULL
*Mar 1 20:50:13.782: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.2.2 on
Serial0/0.245 from LOADING to FULL, Loading Done
*Mar 1 20:50:14.286: OSPF: Send with key 2
*Mar 1 20:50:14.286: OSPF: Send with key 4
*Mar 1 20:50:14.286: OSPF: Build router LSA for area 0, router ID
150.2.5.5, seq 0x8000001D
*Mar 1 20:50:15.346: OSPF: 2 Way Communication to 150.2.4.4 on
Serial0/0.245, state 2WAY
*Mar 1 20:50:15.346: OSPF: Send DBD to 150.2.4.4 on Serial0/0.245 seq
0x14EF opt 0x52 flag 0x7 len 32
*Mar 1 20:50:15.346: OSPF: Send with key 2
*Mar 1 20:50:15.346: OSPF: Send with key 4
*Mar 1 20:50:15.422: OSPF: Rcv DBD from 150.2.4.4 on Serial0/0.245 seq
0x1BDC opt 0x52 flag 0x7 len 32 mtu 1500 state EXSTART
*Mar 1 20:50:15.422: OSPF: First DBD and we are not SLAVE
*Mar 1 20:50:15.462: OSPF: Rcv DBD from 150.2.4.4 on Serial0/0.245 seq
0x14EF opt 0x52 flag 0x2 len 132 mtu 1500 state EXSTART
*Mar 1 20:50:15.462: OSPF: NBR Negotiation Done. We are the MASTER
*Mar 1 20:50:15.462: OSPF: Send DBD to 150.2.4.4 on Serial0/0.245 seq
0x14F0 opt 0x52 flag 0x3 len 152
*Mar 1 20:50:15.462: OSPF: Send with key 2
*Mar 1 20:50:15.462: OSPF: Send with key 4
*Mar 1 20:50:15.466: OSPF: Send with key 2
*Mar 1 20:50:15.466: OSPF: Send with key 4
*Mar 1 20:50:15.466: OSPF: Database request to 150.2.4.4
*Mar 1 20:50:15.466: OSPF: sent LS REQ packet to 136.2.245.4, length 12
*Mar 1 20:50:15.586: OSPF: Rcv DBD from 150.2.4.4 on Serial0/0.245 seq
0x14F0 opt 0x52 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 20:50:15.586: OSPF: Send DBD to 150.2.4.4 on Serial0/0.245 seq
0x14F1 opt 0x52 flag 0x1 len 32
*Mar 1 20:50:15.586: OSPF: Send with key 2
*Mar 1 20:50:15.586: OSPF: Send with key 4
*Mar 1 20:50:15.598: OSPF: Send with key 2
*Mar 1 20:50:15.598: OSPF: Send with key 4
*Mar 1 20:50:15.614: OSPF: Send with key 2
*Mar 1 20:50:15.614: OSPF: Send with key 4
*Mar 1 20:50:15.662: OSPF: Rcv DBD from 150.2.4.4 on Serial0/0.245 seq
0x14F1 opt 0x52 flag 0x0 len 32 mtu 1500 state EXCHANGE
*Mar 1 20:50:15.662: OSPF: Exchange Done with 150.2.4.4 on Serial0/0.245
*Mar 1 20:50:15.662: OSPF: Synchronized with 150.2.4.4 on Serial0/0.245,
state FULL
*Mar 1 20:50:15.662: %OSPF-5-ADJCHG: Process 100, Nbr 150.2.4.4 on
Serial0/0.245 from LOADING to FULL, Loading Done
*Mar 1 20:50:16.262: OSPF: Send with key 2
*Mar 1 20:50:16.262: OSPF: Send with key 4
Rack2R5#
Rack2R5#
*Mar 1 20:50:19.202: OSPF: Send with key 2
*Mar 1 20:50:19.202: OSPF: Send with key 4
*Mar 1 20:50:19.254: OSPF: Send with key 2
*Mar 1 20:50:19.254: OSPF: Send with key 4
Rack2R5#
*Mar 1 20:50:20.234: OSPF: Send with key 2
*Mar 1 20:50:20.234: OSPF: Send with key 4
*Mar 1 20:50:20.238: OSPF: Build router LSA for area 0, router ID
150.2.5.5, seq 0x8000001E
Rack2R5#
*Mar 1 20:50:21.758: OSPF: Send with key 2
*Mar 1 20:50:21.758: OSPF: Send with key 4
*Mar 1 20:50:22.438: OSPF: Send with key 2
*Mar 1 20:50:22.442: OSPF: Send with key 4
Rack2R5#
*Mar 1 20:50:24.942: OSPF: Send with key 2
*Mar 1 20:50:24.942: OSPF: Send with key 4
Rack2R5#sh ip os
Rack2R5#sh ip ospf nei
Rack2R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
150.2.4.4 0 FULL/ - 00:01:50 136.2.245.4
Serial0/0.245
150.2.2.2 0 FULL/ - 00:01:52 136.2.245.2
Serial0/0.245
150.2.1.1 0 FULL/ - 00:00:36 136.2.15.1
Serial0/0.15
Rack2R5#
*Mar 1 20:50:42.710: OSPF: Send with key 2
*Mar 1 20:50:42.710: OSPF: Send with key 4
Rack2R5#
*Mar 1 20:51:12.710: OSPF: Send with key 2
*Mar 1 20:51:12.710: OSPF: Send with key 4
Rack2R5#
*Mar 1 20:51:42.710: OSPF: Send with key 2
*Mar 1 20:51:42.710: OSPF: Send with key 4
Rack2R5#
*Mar 1 20:52:12.710: OSPF: Send with key 2
*Mar 1 20:52:12.710: OSPF: Send with key 4
Rack2R5#
*Mar 1 20:52:42.710: OSPF: Send with key 2
*Mar 1 20:52:42.710: OSPF: Send with key 4
Rack2R5#
*Mar 1 20:53:12.710: OSPF: Send with key 2
*Mar 1 20:53:12.710: OSPF: Send with key 4

Continues by exchanging Keys

Any comments?

JB

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Thursday, November 18, 2004 7:17 AM
To: Bhagwanani, Pankaj; ccielab@groupstudy.com
Subject: Re: Physical/multipoing Serial OSPF authentication different
password s Md5

I don't think this can be done.

I think the rule is: same subnet, same password.

Please, if I'm mistaken, someone correct me.

----- Original Message -----
From: "Bhagwanani, Pankaj" <pankaj.bhagwanani@eds.com>
To: <ccielab@groupstudy.com>
Sent: Thursday, November 18, 2004 3:17 AM
Subject: Physical/multipoing Serial OSPF authentication different password s
Md5

> Hello
>
> I am trying to get md5 authentication working btw spokes with different
> passwords , I can not get it working . Can anyone help, or can this not be
> done ?
>
> Configs are
>
> hub
>
> !
> interface Serial0.2 multipoint
> ip address 136.10.100.2 255.255.255.224
> ip ospf authentication message-digest
> ip ospf message-digest-key 5 md5 cisco1
> ip ospf message-digest-key 6 md5 cisco2
> !
>
> on one spoke
>
> !
> interface Serial0
> ip address 136.10.100.5 255.255.255.224
> ip ospf authentication message-digest
> ip ospf message-digest-key 5 md5 cisco1
>
> on the other spoke
>
> !
> interface Serial1/0
> ip address 136.10.100.6 255.255.255.224
> ip ospf authentication message-digest
> ip ospf message-digest-key 6 md5 cisco2
>
> Thanks
> Pakaj
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: ccie2be: "Re: Physical/multipoing Serial OSPF authentication different"
• Previous message: ccie2be: "Re: CAR vs Police"
• Maybe in reply to: Bhagwanani, Pankaj: "Physical/multipoing Serial OSPF authentication different"
• Next in thread: ccie2be: "Re: Physical/multipoing Serial OSPF authentication different"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:48 GMT-3