RE: OSPF Authentication : Best Practice

From: Scott Morris (swm@emanon.com)
Date: Mon Mar 19 2007 - 08:46:44 ART

• Next message: Haloween Boy: "Re: CCIE Salary - For people taking H1-B's - Listen carefully."
• Previous message: Dishan Gamage: "mpls ldp authentication question !!"
• Maybe in reply to: Jeff Mullan: "OSPF Authentication : Best Practice"
• Next in thread: Darby Weaver: "RE: OSPF Authentication : Best Practice"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I think the request would be that "when you change keys" the neighbor
shouldn't go down.

Going from no authentication to using authentication, it's going to break
things. MD5 authentication though allows you to change keys without
breaking the peering session.

HTH,

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
#153, CISSP, et al.
CCSI/JNCI-M/JNCI-J
IPexpert VP - Curriculum Development
IPexpert Sr. Technical Instructor
smorris@ipexpert.com
http://www.ipexpert.com
 
 

-----Original Message-----
From: Salau,Olayemi [mailto:Olayemi.Salau@southampton.gov.uk]
Sent: Monday, March 19, 2007 7:42 AM
To: Scott Morris; Cisco certification
Subject: RE: OSPF Authentication : Best Practice

I've come across a task somewhere that stipulates to do authentication
without letting the neighbour relationships go down.

Is there a logic to resolve this kind of issue, ie. a way of doing things 1
by 1 so that the "neighbourships" don't get affected during the
configuration of authentication?

Many Thanks

• Next message: Haloween Boy: "Re: CCIE Salary - For people taking H1-B's - Listen carefully."
• Previous message: Dishan Gamage: "mpls ldp authentication question !!"
• Maybe in reply to: Jeff Mullan: "OSPF Authentication : Best Practice"
• Next in thread: Darby Weaver: "RE: OSPF Authentication : Best Practice"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:51 ART