From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Tue Feb 17 2009 - 15:55:52 ARST
Also remember that the virtual-link runs as a demand circuit. This
means that if the virtual-link is up, and then authentication is enabled
incorrectly, the virtual-link won't actually go down until there is a
change in the topology. As a general rule you should always clear the
OSPF process any time you make a change that can affect the virtual-link
to ensure that it comes back up properly.
HTH,
Brian McGahan, CCIE #8593 (R&S/SP/Security)
bmcgahan@internetworkexpert.com <mailto:bmcgahan@internetworkexpert.com>
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
<http://blog.internetworkexpert.com>
Hobbs wrote:
> If you enable "area 0 authentication" than all links use a null key
> until you specify one. This includes VL. Adjacencies will stay up
> until you create your key.
>
> R5(config)#router ospf 1
> R5(config-router)#are 0 authentication message-digest
>
> R5#sho ip osp virtual-links | sec Mess
> Message digest authentication enabled
> No key configured, using default key id 0
>
> -hth
>
> On Tue, Feb 17, 2009 at 7:51 AM, Jared Scrivener
> <jscrivener@ipexpert.com> wrote:
>
>> Is your authentication in Area 0 link based or area based?
>>
>> If it is link based you shouldn't have an issue technically if you don't do
>> it on the virtual-link, although you may be violating your lab requirements
>> (depending on the specifics of the question).
>>
>> Cheers,
>>
>> Jared Scrivener CCIE3 #16983 (R&S, Security, SP), CISSP
>> Technical Instructor - IPexpert, Inc.
>> Telephone: +1.810.326.1444
>> Fax: +1.810.454.0130
>> Mailto: jscrivener@ipexpert.com
>>
>>
>> -----Original Message-----
>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>> Nauman Habib
>> Sent: Tuesday, 17 February 2009 9:36 AM
>> To: jfh6200@tx.rr.com
>> Cc: ccielab@groupstudy.com
>> Subject: Re: Does virtual Link requires Authentication?
>>
>> Then How come - it work fine without authentication ?
>>
>> even if it come's a part of area 0 - i get all the routes and can even ping
>> them successfully.
>>
>> i should not get all the routes there then.
>>
>>
>>
>>
>> On Tue, Feb 17, 2009 at 5:23 PM, Joe Harris, CCIE# 6200
>> <jfh6200@tx.rr.com>wrote:
>>
>>
>>> Yes it does.
>>>
>>> Joe Harris
>>> CCIE No. 6200 (R/S,Sec,SP)
>>> http://www.6200networks.com
>>>
>>>
>>> -----Original Message-----
>>> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>>> Nauman Habib
>>> Sent: Tuesday, February 17, 2009 7:53 AM
>>> To: ccielab@groupstudy.com
>>> Subject: Does virtual Link requires Authentication?
>>>
>>> Dear Experts,
>>>
>>> If we are having Authentication in Area 0 - and in the rest of area's
>>>
>> there
>>
>>> is no authentication !!
>>>
>>> do we require to enable authentication to be configured for the virtual
>>> link
>>> ?
>>>
>>> Regard's ,
>>>
>>> Nauman
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:11 ARST