From: Narbik Kocharians (narbikk@gmail.com)
Date: Mon Apr 23 2007 - 02:28:08 ART
How is that related to "area authentication" and per interface
authentication?
On 4/22/07, Victor Cappuccio <victor@ccbootcamp.com> wrote:
>
> Hi Jason,
>
> http://www.faqs.org/rfcs/rfc2328.html
>
> D. Authentication
>
> All OSPF protocol exchanges are authenticated. The OSPF packet
> header (see Section A.3.1) includes an authentication type field,
> and 64-bits of data for use by the appropriate authentication scheme
> (determined by the type field).
>
> The authentication type is configurable on a per-interface (or
> equivalently, on a per-network/subnet) basis. --- seems that in Cisco
> implementation this is using the routing process --- Additional
> authentication data is also configurable on a per-interface basis -- ip
> ospf
> authentication command under the interface running OSPF :) ..
>
> Authentication types 0, 1 and 2 are defined by this specification.
> All other authentication types are reserved for definition by the
> IANA (iana@ISI.EDU). The current list of authentication types is
> described below in Table 20.
>
> AuType Description
> ___________________________________________
> 0 Null authentication
> 1 Simple password
> 2 Cryptographic authentication
> All others Reserved for assignment by the
> IANA (iana@ISI.EDU)
>
>
>
> in the Message generation D.4 After building the contents of an OSPF
> packet,
> the authentication procedure indicated by the sending interface's Autype
> value
> is called before the packet is sent. The authentication procedure
> modifies
> the OSPF packet as follows.
>
> D.4.1 Generating Null authentication
>
> When using Null authentication, the packet is modified as
> follows:
>
> (1) The Autype field in the standard OSPF header is set to
> 0.
>
> Hope this helps
>
> Just my 2 cents more
>
> thanks,
> Victor Cappuccio.-
> Network Learning Inc - A Cisco Sponsored Organization (SO) YES! We take
> Cisco Learning credits!
> victor@ccbootcamp.com
> http://www.ccbootcamp.com (Cisco Training and Rental Racks)
> http://www.ccbootcamp.com/groupstudy.html (groupstudy member discounts!)
> Voice: 702-968-5100
> FAX: 702-446-8012
>
>
>
>
> -----Original Message-----
> From: nobody@groupstudy.com on behalf of Jason Carpenter
> Sent: Sun 4/22/2007 12:12
> To: ccielab@groupstudy.com
> Subject: OSPF authentication
>
> Will this result in OSPF authentication with a MD5 hash of password CISCO
>
> router ospf 1
> area 0 authentication
>
> int s0/0
> ip ospf authentication message-digest
> ip ospf authentication-key CISCO
>
> when I run sh ip ospf int s0/0
> it says message-digest authentication enabled
> no key configured, using default key id 0
>
> as long as the question does not specify a key number, (for example
> key 1) would this result in md5 authentication with the password
> CISCO?
>
> Thanks
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- Narbik Kocharians CCIE# 12410 (R&S, SP, Security) CCSI# 30832 Network Learning, Inc. (CCIE class Instructor) www.ccbootcamp.com (CCIE Training)
This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:37 ART