Re: Authentication in OSPF for area 0....virtual link

From: Leigh Harrison (ccileigh@gmail.com)
Date: Fri Nov 11 2005 - 11:25:47 GMT-3

• Next message: Chula Bandara: "ospf-eigrp redistribution"
• Previous message: dusth@comcast.net: "Re: BGP and Tunnel"
• Maybe in reply to: Schulz, Dave: "Authentication in OSPF for area 0....virtual link"
• Next in thread: Schulz, Dave: "RE: Authentication in OSPF for area 0....virtual link"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hey there Dave,

Yes. Virtual links to area 0 are an extention of area 0 and need to be
authenticated. If not - the peer will eventually drop off (if he's not
authenticated - he must be trouble) and you will loose the connection.

R1 -- area 0 -- R2 -- area 1 -- R3 -- area 2 -- R4

The virtual link would be between R2 and R3 over area 1, so that area 2
thinks it's connected to area 0. If you don't authenticate the virtual
link, then, like I say, the "virtual" neighbor will drop out and R4 will
not get the routes.

It's a case of one sentence on the lab requirements - lots of thinking
and 20 mins configuring for you.

LH

Schulz, Dave wrote:

>Thanks, Steve. I understand the virtual link authentication, but the
>real question here is .... if the question asks for area 0
>authentication link....then, should we also assume virtual link
>authentication (since a virtual link is the extension of the area 0.
>Or, is the virtual link considered a completely different area as it
>applies to authentication?
>
>
>Dave Schulz,
>
>Email: dschulz@dpsciences.com
>
>
>-----Original Message-----
>From: Steve Schoeneman [mailto:steve.schoeneman@gmail.com]
>Sent: Friday, November 11, 2005 7:20 AM
>To: Schulz, Dave
>Cc: ccielab@groupstudy.com
>Subject: Re: Authentication in OSPF for area 0....virtual link
>authentication???
>
>You can put the authentication right in the virtual-link statement:
>
>router ospf 10
> area 0 authentication message-digest
> area 3 authentication message-digest
> area 4 authentication message-digest
> area 4 virtual-link 10.6.6.6 message-digest-key 1 md5 cisco
>
>In this example from this router is ABR in 3 & 4 with no connection to
>area 0 except the virtual link and the lab requires authentication on
>all links.
>
>Steve
>
>On 11/11/05, Schulz, Dave <DSchulz@dpsciences.com> wrote:
>
>
>>I was thinking about all the ways that the lab could possibly ask for
>>authentication in OSPF, and a thought came to mind....what if, they
>>
>>
>ask to
>
>
>>perform area 0 authentication, and, you happen do have a virtual link.
>>
>>
>Would
>
>
>>you also put authentication on the virtual link, like you would on a
>>
>>
>tunnel
>
>
>>that is part of area 0. Technically, you could call the virtual link
>>
>>
>an
>
>
>>"extension of area 0".
>>
>>Dave
>>
>>
>>
>>
>_______________________________________________________________________
>
>
>>Subscription information may be found at:
>>http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>
>
>--
>Steve Schoeneman
>Independent Amsoil Dealer
>360.931.2774
>www.alube.us
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html

• Next message: Chula Bandara: "ospf-eigrp redistribution"
• Previous message: dusth@comcast.net: "Re: BGP and Tunnel"
• Maybe in reply to: Schulz, Dave: "Authentication in OSPF for area 0....virtual link"
• Next in thread: Schulz, Dave: "RE: Authentication in OSPF for area 0....virtual link"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Dec 01 2005 - 09:12:06 GMT-3