Re: OSPF Authentication Methods - (3)

From: Darby Weaver <darby.weaver_at_gmail.com>
Date: Fri, 20 May 2011 12:34:20 -0400

All,

Refer to the following:

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080094069.shtml

These are the three different types of authentication supported by OSPF.

   - *Null Authentication* This is also called Type 0 and it means no
     authentication information is included in the packet header. It is the
     default.

   - *Plain Text Authentication* This is also called Type 1 and it uses simple
     clear-text passwords.

   - *MD5 Authentication* This is also called Type 2 and it uses MD5
     cryptographic passwords.

Authentication does not need to be set. However, if it is set, all peer
routers on the same segment must have the same password and authentication
method. The examples in this document demonstrate configurations for both
plain text and MD5 authentication.

Umm....

I'd advise knowing that there is a "Type 0", a "Type 1", and a "Type 2"
authentication for OSPF.

True we only configure 2 of the 3 types... however, WELCOME TO SPARTA...
don't get kicked into the pit. Know your options and know how to interpret
them.

Some things don't get emphasized enough and some get watered over...

I've just emphasized it.

:)

Darby

On Fri, May 20, 2011 at 9:14 AM, GAURAV MADAN <gauravmadan1177_at_gmail.com> wrote:

> "everyone" ........... not everyone Darby ..
>
> if you somehow see Video on demand INE as well .... they also mention 3 types
> of OSPF auth ..
>
> no auth
> plain
> md5
>
>
>
> On Fri, May 20, 2011 at 4:27 PM, Darby Weaver <darby.weaver_at_gmail.com> wrote:
>
>> That's what I love about the CCIE Lab...
>>
>> Everyone says there are "only" 2 types of authentication in OSPF....
>>
>> 1. Plain text
>> 2. MD5
>>
>> If you listen to all your most knowledgeable friends on Groupstudy and a
>> couple of three (maybe more CCIEs of some repute)...
>>
>> And then you find yourself in the "gladiator's chamber" one day... and a
>> third is suggested by some hint of a vague clue...
>>
>> Unless you've heard of RFC2328 and then you find... there is a third...
>> and you find yourself astonished in about the same way everyone else was
>> when we found out that Luke Skywalker was not quite "The Last Hope" as
>> mentioned by Yoda... Yep... there are three...
>>
>>
>> OSPF as defined in [RFC2328] includes three different types of
>> authentication schemes: Null authentication, simple password and
>> cryptographic authentication. NULL authentication is akin to having
>> no authentication at all. In the simple password scheme of
>> authentication, the passwords are exchanged in the clear text on the
>> network and anyone with physical access to the network can learn the
>> password and compromise the security of the OSPF domain.
>>
>> In the cryptographic authentication scheme, the OSPF routers on a
>> common network/subnet share a secret key which is used to generate a
>> keyed MD5 digest for each packet and a monotonically increasing
>> sequence number scheme is used to prevent replay attacks.
>>
>>
>>
>>
>> --
>> Darby Weaver
>> Network Engineer
>> http://www.darbyslogs.blogspot.com
>>
>> darbyweaver_at_yahoo.com
>>
>>
>> Blogs and organic groups at http://www.ccie.net

--
Darby Weaver
Network Engineer
http://www.darbyslogs.blogspot.com
darbyweaver_at_yahoo.com
Blogs and organic groups at http://www.ccie.net
Received on Fri May 20 2011 - 12:34:20 ART
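
The receive-side checks that the RFC 2328 excerpt quoted above describes (AuType 0, 1 and 2, the keyed MD5 digest and the sequence-number replay check), as an added example that is not part of the original thread or of the Cisco document. The key value, router ID and the zero-padding of short keys to the field width are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

AUTYPE_NAMES = {0: "null", 1: "simple password", 2: "cryptographic (keyed MD5)"}
HEADER = struct.Struct("!BBH4s4sHH8s")  # 24-byte OSPFv2 header (RFC 2328, A.3.1)


def build_md5_packet(key: bytes, key_id: int, seq: int, body: bytes = b"") -> bytes:
    """Build a constructed Type 2 hello (router ID 10.0.0.1 is made up)."""
    auth = struct.pack("!HBBI", 0, key_id, 16, seq)  # 0, Key ID, digest len, seq
    pkt = HEADER.pack(2, 1, HEADER.size + len(body), bytes([10, 0, 0, 1]),
                      bytes(4), 0, 2, auth) + body
    # Digest = MD5(packet || key padded to 16 bytes), appended after the packet.
    return pkt + hashlib.md5(pkt + key.ljust(16, b"\0")).digest()


def check_auth(raw: bytes, key: bytes, last_seq: int = 0):
    """Return (autype_name, verdict) for one received OSPFv2 packet."""
    if len(raw) < HEADER.size:
        return "unknown", "reject: truncated header"
    _ver, _typ, length, _rid, _area, _cksum, autype, auth = HEADER.unpack_from(raw)
    name = AUTYPE_NAMES.get(autype, "unknown")
    if autype == 0:  # Type 0: the header carries no authentication data
        return name, "accept: nothing to verify"
    if autype == 1:  # Type 1: the 8-byte field is the password itself
        ok = hmac.compare_digest(auth, key[:8].ljust(8, b"\0"))
        return name, "accept: password matches (sent in clear)" if ok else "reject: bad password"
    if autype != 2:
        return name, "reject: unsupported AuType"
    _zero, _key_id, dlen, seq = struct.unpack("!HBBI", auth)
    if dlen != 16 or length < HEADER.size or len(raw) < length + dlen:
        return name, "reject: malformed digest trailer"
    if seq < last_seq:  # sequence numbers must never go backwards
        return name, "reject: replayed sequence number"
    expected = hashlib.md5(raw[:length] + key.ljust(16, b"\0")).digest()
    if not hmac.compare_digest(raw[length:length + dlen], expected):
        return name, "reject: digest mismatch"
    return name, "accept: digest and sequence number valid"


if __name__ == "__main__":
    pkt = build_md5_packet(b"constructed-key", key_id=1, seq=100)
    print(check_auth(pkt, b"constructed-key", last_seq=99))
    print(check_auth(pkt, b"constructed-key", last_seq=101))
```

The standard OSPF checksum that still applies to Type 0 and Type 1 packets is not verified here; the block covers only the authentication field.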

This archive was generated by hypermail 2.2.0 : Wed Jun 01 2011 - 09:01:11 ART