From: Joseph Saad (joseph.samir.saad@gmail.com)
Date: Sun Jul 06 2008 - 13:02:18 ART
The below is correct, and option 1 is showing what is meant to happen.
In real life,
if you have all the interfaces requiring authentication except a few you use
option 2 combined with "no ip ospf authentication" on the interfaces that
doesn't require authentication.
if you have few interfaces requiring authentication, then you go to option
1.
in the lab,
do what you are asked to do
and
don't do what you are asked not to do.
Cheers,
Joseph.
On Sun, Jul 6, 2008 at 7:57 PM, akyccie <akyccie@gmail.com> wrote:
> There are two way to configure the OSPF authentication.
>
> Option 1: Put the authentication command at Interface level
>
> int x/x
> ip ospf authentication message-digest
> ip ospf message-digest-key 1 md5 cisco
>
> Option : 2 Put are area authentication command
>
> router os 1
> area 0 authentication message-digest
> !
> int x/x
> ip ospf message-digest-key 1 md5 cisco
>
> But if you choose Option-1 and if you do "sh ip ospf" it's show that "Area
> has
> no authentication" where interface show the authentication is enable. So
> does
> it mean the authentication is set correctly.
>
>
> R2#sh ip OS int
> Serial1/0 is up, line protocol is up
> Internet Address 19.19.245.2/24, Area 0
> Process ID 1, Router ID 19.19.2.2, Network Type NON_BROADCAST, Cost: 64
> Transmit Delay is 1 sec, State DROTHER, Priority 0
> Designated Router (ID) 19.19.5.5, Interface address 19.19.245.5
> No backup designated router on this network
> Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
> oob-resync timeout 120
> Hello due in 00:00:26
> Supports Link-local Signaling (LLS)
> Index 3/6, flood queue length 0
> Next 0x0(0)/0x0(0)
> Last flood scan length is 3, maximum is 3
> Last flood scan time is 0 msec, maximum is 0 msec
> Neighbor Count is 1, Adjacent neighbor count is 1
> Adjacent with neighbor 19.19.5.5 (Designated Router)
> Suppress hello for 0 neighbor(s)
> Message digest authentication enabled
> Youngest key id is 1
>
>
>
> R2#sh ip os
>
> Area BACKBONE(0)
> Number of interfaces in this area is 3
> Area has no authentication
> SPF algorithm last executed 00:51:53.744 ago
> SPF algorithm executed 6 times
> Area ranges are
> Number of LSA 8. Checksum Sum 0x055F4D
> Number of opaque link LSA 0. Checksum Sum 0x000000
> Number of DCbitless LSA 0
> Number of indication LSA 0
> Number of DoNotAge LSA 0
> Flood list length 0
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:53 ART