Re: OSPF Authentication

From: Jason Madsen (madsen.jason@gmail.com)
Date: Sun Jul 06 2008 - 14:10:35 ART

• Next message: Tony Varriale: "RE: Cisco 1310 P-t-P Throughput too low"
• Previous message: Sadiq Yakasai: "Re: OSPF Authentication"
• Maybe in reply to: akyccie: "OSPF Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

yep, there are two ospf authentication methods. although "*show ip ospf*"
only shows authentication information for area-based authentication, you can
use "*show ip ospf interface*" to see if link-based authentication is being
used...down toward the bottom of the output for each interface.

Jason

On Sun, Jul 6, 2008 at 9:57 AM, akyccie <akyccie@gmail.com> wrote:

> There are two way to configure the OSPF authentication.
>
> Option 1: Put the authentication command at Interface level
>
> int x/x
> ip ospf authentication message-digest
> ip ospf message-digest-key 1 md5 cisco
>
> Option : 2 Put are area authentication command
>
> router os 1
> area 0 authentication message-digest
> !
> int x/x
> ip ospf message-digest-key 1 md5 cisco
>
> But if you choose Option-1 and if you do "sh ip ospf" it's show that "Area
> has
> no authentication" where interface show the authentication is enable. So
> does
> it mean the authentication is set correctly.
>
>
> R2#sh ip OS int
> Serial1/0 is up, line protocol is up
> Internet Address 19.19.245.2/24, Area 0
> Process ID 1, Router ID 19.19.2.2, Network Type NON_BROADCAST, Cost: 64
> Transmit Delay is 1 sec, State DROTHER, Priority 0
> Designated Router (ID) 19.19.5.5, Interface address 19.19.245.5
> No backup designated router on this network
> Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
> oob-resync timeout 120
> Hello due in 00:00:26
> Supports Link-local Signaling (LLS)
> Index 3/6, flood queue length 0
> Next 0x0(0)/0x0(0)
> Last flood scan length is 3, maximum is 3
> Last flood scan time is 0 msec, maximum is 0 msec
> Neighbor Count is 1, Adjacent neighbor count is 1
> Adjacent with neighbor 19.19.5.5 (Designated Router)
> Suppress hello for 0 neighbor(s)
> Message digest authentication enabled
> Youngest key id is 1
>
>
>
> R2#sh ip os
>
> Area BACKBONE(0)
> Number of interfaces in this area is 3
> Area has no authentication
> SPF algorithm last executed 00:51:53.744 ago
> SPF algorithm executed 6 times
> Area ranges are
> Number of LSA 8. Checksum Sum 0x055F4D
> Number of opaque link LSA 0. Checksum Sum 0x000000
> Number of DCbitless LSA 0
> Number of indication LSA 0
> Number of DoNotAge LSA 0
> Flood list length 0
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Tony Varriale: "RE: Cisco 1310 P-t-P Throughput too low"
• Previous message: Sadiq Yakasai: "Re: OSPF Authentication"
• Maybe in reply to: akyccie: "OSPF Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:53 ART