Re: rip passive int with neighbor command

From: Alexey Tolstenok (alextols@gmail.com)
Date: Wed Jul 16 2008 - 16:33:53 ART

• Next message: Jason Madsen: "Re: rip passive int with neighbor command"
• Previous message: Christopher Copley: "Basic STP question"
• Maybe in reply to: Igor Manassypov: "rip passive int with neighbor command"
• Next in thread: Jason Madsen: "Re: rip passive int with neighbor command"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Scott,
Obviously when you are doing md5 auth with different key-ids and same
password - it shouldn't work. But I suppose you agree when it somehow works
under strange conditions this semi-feature shouldn't be considered as a
reliable solution cause you can easily loose points (on CCIE lab) or money
(in ISP network)

2008/7/16 Scott Morris <smorris@internetworkexpert.com>:

> Are you doing MD5? If so, according to RFC 2082, section 3.1 the key
> number absolutely is exchanged!
>
> If using plain text, according to RFC 2453, section 4.1 there is no entry
> for key-id. Simply a 16-byte password.
>
>
> Scott Morris, CCIE4 #4713, JNCIE-M #153, JNCIS-ER, CISSP, et al.
> CCSI/JNCI-M/JNCI-ER
> Senior CCIE Instructor
>
> smorris@internetworkexpert.com
>
>
>
>

-- 
Alexey Tolstenok
CCIEx2 (R&S, SP) #17405, JNCIE-M #313, CCSI#31737

• Next message: Jason Madsen: "Re: rip passive int with neighbor command"
• Previous message: Christopher Copley: "Basic STP question"
• Maybe in reply to: Igor Manassypov: "rip passive int with neighbor command"
• Next in thread: Jason Madsen: "Re: rip passive int with neighbor command"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:55 ART