RE: OSPF
From: Kemal YILDIRIM (kemalhy@gmail.com)
Date: Tue Jul 04 2006 - 09:00:53 ART
Use pppOFR to get two virtual interfaces.
Then you can apply different keys for each spoke at R3.
Objects are what is unalterable and subsistent;
their configuration is what is changing and unstable.
So, you need PRACTICE, PRACTICE, AND MORE PRACTICE...
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Sami
Sent: Tuesday, July 04, 2006 1:41 PM
To: Leon van Dongen
Cc: ccielab@groupstudy.com
Subject: Re: OSPF
What I have to do to make R3 to send same packets with two keys ?
On 7/4/06, Leon van Dongen <l.dongen1@chello.nl> wrote:
>
> The hub router is sending it's youngest key, being key 2 while the spoke
> router R1 sends it's youngest key, being key 1.
>
> Usage Guidelines
> Usually, one key per interface is used to generate authentication
> information when sending packets and to authenticate incoming packets. The
> same key identifier on the neighbor router must have the same key value.
>
> [...]
>
> The system assumes its neighbors do not have the new key yet, so it begins
> a rollover process. It sends multiple copies of the same packet, each
> authenticated by different keys. In this example, the system sends out two
> copies of the same packet�the first one authenticated by key 100 and the
> second one authenticated by key 101.
>
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/hirp_r
/
rte_osph.htm#wp1091704
>
> You can try to add key 2 to R1, to create a rollover situation.
>
> --Leon
>
> PS I believe I saw a post recently that was answered by Scott Morris which
> had a proper solution. However I do not have access to my mailbox at the
> moment and searching GroupStudy with Google seems to be a waist of time.
> >
> > van: Sami <sy1977@gmail.com>
> > datum: 2006/07/04 Tue PM 12:02:13 MEST
> > aan: ccielab <ccielab@groupstudy.com>
> > onderwerp: OSPF
> >
> > Group,
> >
> > task say use different key for spokes , R3 is hub and have two OSPF key
> ,
> > key 1 for R3 and key 2 for R5 . R5 is OK but R1 adjaceny is not coming
> up
> >
> > *Jul 4 09:59:23.411: OSPF: Send with youngest Key 1
> > R1#
> >
> > R1#
> > *Jul 4 09:59:37.395: OSPF: Rcv pkt from 190.1.135.3, Serial0/0/0 :
> Mismatch
> > Authentication Key - No message digest key 2 on interface
> >
> > Hub
> >
> > R3
> > router ospf 1
> > router-id 150.1.3.3
> > log-adjacency-changes
> > area 135 authentication message-digest
> > network 190.1.34.3 0.0.0.0 area 34
> > network 190.1.135.3 0.0.0.0 area 135
> > neighbor 190.1.135.5
> > neighbor 190.1.135.1
> > interface Serial0/0/0
> > ip address 190.1.135.3 255.255.255.0
> > encapsulation frame-relay
> > ip ospf authentication message-digest
> > ip ospf message-digest-key 1 md5 CISCO13
> > ip ospf message-digest-key 2 md5 CISCO35
> >
> > Spokes
> > R1
> >
> > interface Serial0/0/0
> > ip address 190.1.135.1 255.255.255.0
> > encapsulation frame-relay
> > ip ospf authentication message-digest
> > ip ospf message-digest-key 1 md5 CISCO13
> > ip ospf network point-to-multipoint non-broadcast
> >
> > R5
> >
> > interface Serial0/0/0
> > ip address 190.1.135.5 255.255.255.0
> > encapsulation frame-relay
> > ip ospf authentication message-digest
> > ip ospf message-digest-key 2 md5 CISCO35
> > ip ospf network point-to-multipoint non-broadcast
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4
: Tue Aug 01 2006 - 07:13:46 ART