From: Rich Collins (nilsi2002@gmail.com)
Date: Sun Nov 11 2007 - 10:38:31 ART
I can't find it in my notes but I vaguely recall that in such a case
RIP on the Hub will accept and validate those two different keys (use
the 2nd one if the first fails) for R3 but will be only sending out
the first key to both spokes. That means R3 will only ever see key1
on its incoming interface.
On Nov 11, 2007 8:04 AM, Bhaskar Sivanesan <bas_bharath@yahoo.com> wrote:
> Hi Group
>
> Hows the authentication keys in key-chains are managed...... like if I have 2 keys in a a key chain, will the authentication process go sequentiallly, till the authentication succeeds...
>
> My scenario is , I have R1 with a mulitpoint sub-interface terminating at R2 and R3. RIP is enabled among these three and different keys have to be used by R1 for authentication with R2 and R3. I tried the below config, but authentication with R3 fails. i.e R3 receives update from R1 and ignores, stating invalid authentication. however R1 receives updates from R3 and accepts them.
>
> any suggestions???
>
> R1 -config
> ----------------
> key chain r1tor2
> key 1
> key-string ipexpert_R1toR2
> key 2
> key-string ipexpert_R1toR3
>
>
> R2 config
> -------------
> key chain r1tor2
> key 1
> key-string ipexpert_R1toR2
>
> R3 config
> -------------
> key chain r1tor3
> key 2
> key-string ipexpert_R1toR3
>
>
> Thanks
> Bhaskar
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:29 ART