RE: [IEWBv4 lab3 - Question 4.5]: Virtual-Link Authentication

From: Marvin Greenlee (marvin@ipexpert.com)
Date: Thu Feb 22 2007 - 02:31:46 ART

Key0 is a null key, and will be sent if you do not have another key defined.

Marvin Greenlee, CCIE #12237 (R&S, SP, Sec)
Senior Technical Instructor - IPexpert, Inc.
"When Will You Be an IP Expert?"
 marvin@ipexpert.com
http://www.IPexpert.com

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
nhatphuc
Sent: Thursday, February 22, 2007 12:15 AM
To: Cisco certification
Subject: [IEWBv4 lab3 - Question 4.5]: Virtual-Link Authentication

Hi Brians/group,

IEWBv4 Lab3, Question 4.5 require OSPF authentication in area 0.

In solutions, virtual-link authentication is required. But I don't configure
authentication on virtual-link and it still works.

It says using default key id 0. What is this key? and where is it from?

Thanks

This is my output:

Rack1R4#sh ip osp neighbor

Neighbor ID Pri State Dead Time Address Interface
150.1.5.5 0 FULL/ - - 136.1.45.5 OSPF_VL0
150.1.5.5 0 INIT/ - 00:01:57 136.1.245.5 Serial0/0
150.1.5.5 0 FULL/ - 00:00:35 136.1.45.5 Serial0/1
Rack1R4#sh ip osp neighbor

Neighbor ID Pri State Dead Time Address Interface
150.1.5.5 0 FULL/ - - 136.1.45.5 OSPF_VL0
150.1.5.5 0 INIT/ - 00:01:53 136.1.245.5 Serial0/0
150.1.5.5 0 FULL/ - 00:00:31 136.1.45.5 Serial0/1
Rack1R4#

Rack1R4#sh ip osp neighbor

Neighbor ID Pri State Dead Time Address Interface
150.1.5.5 0 FULL/ - - 136.1.45.5 OSPF_VL0
150.1.5.5 0 FULL/ - 00:01:57 136.1.245.5 Serial0/0
150.1.5.5 0 FULL/ - 00:00:35 136.1.45.5 Serial0/1
Rack1R4#sh ip ospf
 Routing Process "ospf 1" with ID 150.1.4.4
 <ouput omitted>

    Area BACKBONE(0)
     Number of interfaces in this area is 3
    Area has message digest authentication
    SPF algorithm last executed 00:00:12.552 ago
    SPF algorithm executed 40 times
    Area ranges are

    Area 45
    Number of interfaces in this area is 1
    This area has transit capability: Virtual Link Endpoint
    Area has no authentication
    SPF algorithm last executed 00:16:48.668 ago
    SPF algorithm executed 8 times

Rack1R4#sh ip os vir
Virtual Link OSPF_VL0 to router 150.1.5.5 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 45, via interface Serial0/1, Cost of using 65534
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:02
    Adjacency State FULL (Hello suppressed)
    Index 2/3, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec
  Message digest authentication enabled
      No key configured, using default key id 0

Rack1R5#sh ip os neighbor

Neighbor ID Pri State Dead Time Address Interface
150.1.4.4 0 FULL/ - - 136.1.45.4 OSPF_VL0
150.1.1.1 0 FULL/ - 00:00:35 136.1.15.1
Serial0/0.15
150.1.4.4 0 FULL/ - 00:01:52 136.1.245.4
Serial0/0.245
150.1.2.2 0 FULL/ - 00:01:55 136.1.245.2
Serial0/0.245
150.1.4.4 0 FULL/ - 00:00:37 136.1.45.4 Serial0/1

Rack1R5#sh ip os virtual-links
Virtual Link OSPF_VL0 to router 150.1.4.4 is up
  Run as demand circuit
  DoNotAge LSA allowed.
  Transit area 45, via interface Serial0/1, Cost of using 65534
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:06
    Adjacency State FULL (Hello suppressed)
    Index 4/5, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec
  Message digest authentication enabled
      No key configured, using default key id 0

Rack1R5#sh ip os
 Routing Process "ospf 1" with ID 150.1.5.5
 < output omitted>
    Area BACKBONE(0)
    Number of interfaces in this area is 4
    Area has message digest authentication
    SPF algorithm last executed 00:01:12.920 ago
    SPF algorithm executed 32 times
    Area ranges are
    Number of LSA 8. Checksum Sum 0x05733D
    Number of opaque link LSA 0. Checksum Sum 0x000000
    Number of DCbitless LSA 0
    Number of indication LSA 0
    Number of DoNotAge LSA 1
    Flood list length 0
    Area 45
    Number of interfaces in this area is 1
    This area has transit capability: Virtual Link Endpoint
    Area has no authentication
    SPF algorithm last executed 00:17:46.100 ago
    SPF algorithm executed 8 times
    Area ranges are
    Number of LSA 22. Checksum Sum 0x0AC6C8
    Number of opaque link LSA 0. Checksum Sum 0x000000
    Number of DCbitless LSA 0
    Number of indication LSA 0
    Number of DoNotAge LSA 0

I shut down the frame relay link and it still has connection via PPP link

Rack1R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Rack1R4(config)#int s0/0/0
Rack1R4(config-if)#shut
Rack1R4(config-if)#
*Feb 22 05:29:10.375: %OSPF-5-ADJCHG: Process 1, Nbr 150.1.5.5 on Serial0/0
from FULL to DOWN, Neighbor Down: Interface down or detached
Rack1R4(config-if)#sh ip
*Feb 22 05:29:12.375: %LINK-5-CHANGED: Interface Serial0/0, changed state to
administratively down
*Feb 22 05:29:13.375: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Serial0/0, changed state to down

Rack1R4#sh ip os nei

Neighbor ID Pri State Dead Time Address Interface
150.1.5.5 0 FULL/ - - 136.1.45.5 OSPF_VL0
150.1.5.5 0 FULL/ - 00:00:39 136.1.45.5 Serial0/1
Rack1R4#

This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:47 ART