From: Darby Weaver (darbyweaver@yahoo.com)
Date: Mon Apr 23 2007 - 02:24:32 ART
Thanks Victor!
You are my hero.
:)
--- Victor Cappuccio <victor@ccbootcamp.com> wrote:
> Hi Jason,
>
> http://www.faqs.org/rfcs/rfc2328.html
>
> D. Authentication
>
> All OSPF protocol exchanges are authenticated. The
> OSPF packet
> header (see Section A.3.1) includes an
> authentication type field,
> and 64-bits of data for use by the appropriate
> authentication scheme
> (determined by the type field).
>
> The authentication type is configurable on a
> per-interface (or
> equivalently, on a per-network/subnet) basis. ---
> seems that in Cisco
> implementation this is using the routing process ---
> Additional
> authentication data is also configurable on a
> per-interface basis -- ip ospf
> authentication command under the interface running
> OSPF :) ..
>
> Authentication types 0, 1 and 2 are defined by this
> specification.
> All other authentication types are reserved for
> definition by the
> IANA (iana@ISI.EDU). The current list of
> authentication types is
> described below in Table 20.
>
> AuType Description
>
> ___________________________________________
> 0 Null authentication
> 1 Simple password
> 2 Cryptographic
> authentication
> All others Reserved for
> assignment by the
> IANA (iana@ISI.EDU)
>
>
>
> in the Message generation D.4 After building the
> contents of an OSPF packet,
> the authentication procedure indicated by the
> sending interface's Autype value
> is called before the packet is sent. The
> authentication procedure modifies
> the OSPF packet as follows.
>
> D.4.1 Generating Null authentication
>
> When using Null authentication, the
> packet is modified as
> follows:
>
> (1) The Autype field in the standard
> OSPF header is set to
> 0.
>
> Hope this helps
>
> Just my 2 cents more
>
> thanks,
> Victor Cappuccio.-
> Network Learning Inc - A Cisco Sponsored
> Organization (SO) YES! We take
> Cisco Learning credits!
> victor@ccbootcamp.com
> http://www.ccbootcamp.com (Cisco Training and Rental
> Racks)
> http://www.ccbootcamp.com/groupstudy.html
> (groupstudy member discounts!)
> Voice: 702-968-5100
> FAX: 702-446-8012
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com on behalf of Jason
> Carpenter
> Sent: Sun 4/22/2007 12:12
> To: ccielab@groupstudy.com
> Subject: OSPF authentication
>
> Will this result in OSPF authentication with a MD5
> hash of password CISCO
>
> router ospf 1
> area 0 authentication
>
> int s0/0
> ip ospf authentication message-digest
> ip ospf authentication-key CISCO
>
> when I run sh ip ospf int s0/0
> it says message-digest authentication enabled
> no key configured, using default key id 0
>
> as long as the question does not specify a key
> number, (for example
> key 1) would this result in md5 authentication with
> the password
> CISCO?
>
> Thanks
>
>
This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:37 ART