Re: OSPF authentication using rollover keys

From: allboutcisco (frenzeus@streamyx.com)
Date: Sun Jul 09 2006 - 02:26:30 ART

• Next message: srdja blagojevic: "RE: RIPng over IPv6 6to4 tunnel"
• Previous message: Schulz, Dave: "RE: Just Passed! CCIE #16498"
• Next in thread: Sami: "Re: OSPF authentication using rollover keys"
• Maybe reply: Sami: "Re: OSPF authentication using rollover keys"
• Maybe reply: Standley, Jeffrey: "Re: OSPF authentication using rollover keys"
• Maybe reply: Mike O: "Re: OSPF authentication using rollover keys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi group,

I picked this thread up some time back. Till date, myself i have yet to be
able to get it working after reloading of the routers, despite the numerous
attempts with all the debugs, it jus seems that the rollover stops after a
reload.

Even attempts to wait "forever" the neighbor just wouldn't form. I believe
i'm not the only person faced with this issue. Question is, is there really
a way to get by this or the only way after a reload is to manually re-apply
the "ip ospf message-digest-key" command on the hub?

Appreciate if someone could shed some light, if being faced with this in the
real lab, can i safely assume that the proctors will not reload the routers
before grading or should i just NOT configure the authentication (thereby
losing crucial points) to avoid neigbors not establishing if in the event
that the proctors DO reload the routers?

Any advice out there is greatly appreciated!

Thanks.

-K

----- Original Message -----
From: "Scott Morris" <swm@emanon.com>
To: "'Radioactive Frog'" <pbhatkoti@gmail.com>
Cc: "'Larry Chuon'" <lchuon@gmail.com>; "'Cisco certification'"
<ccielab@groupstudy.com>
Sent: Monday, May 29, 2006 1:29 AM
Subject: RE: OSPF authentication using rollover keys

> Not sure about that (haven't tried real hard). According to the debugs,
> it
> sends with the keys it knows about. And there are notes about mismatched
> keys (key-id not present on spoke side), but it just seems that after a
> while the hub side gives up and thinks he's surrounded by idiots. :)
>
> Perhaps it's a count thing, in which case changing the frequency of your
> hello's would change it. I was running on non-broadcast interface, so
> things were only every 30 seconds anyway. I'm not by my systems at the
> moment, so anyone else wanna give it a whirl?
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
> #153, CISSP, et al.
> CCSI/JNCI
> IPExpert CCIE Program Manager
> IPExpert Sr. Technical Instructor
> smorris@ipexpert.com
> http://www.ipexpert.com
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Radioactive Frog
> Sent: Sunday, May 28, 2006 10:28 AM
> To: Scott Morris
> Cc: Larry Chuon; Cisco certification
> Subject: Re: OSPF authentication using rollover keys
>
> Is there any way, to reduce this convergence time from 10 minute to couple
> of minute ?
>
> Frog.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: srdja blagojevic: "RE: RIPng over IPv6 6to4 tunnel"
• Previous message: Schulz, Dave: "RE: Just Passed! CCIE #16498"
• Next in thread: Sami: "Re: OSPF authentication using rollover keys"
• Maybe reply: Sami: "Re: OSPF authentication using rollover keys"
• Maybe reply: Standley, Jeffrey: "Re: OSPF authentication using rollover keys"
• Maybe reply: Mike O: "Re: OSPF authentication using rollover keys"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Aug 01 2006 - 07:13:47 ART