Alcatel Carrier Internetworking Solutions 060187-10 REV D Interface Authentication

Configuring OSPF Configuring OSPF

OmniSwitch 6600 Family Advanced Routing Configuration Guide March 2005 page 1-23

Interface Authentication

OSPF allows for the use of authentication on configured interfaces. When authentication is enabled, only

neighbors using the same type of authentication and the matching passwords or keys can communicate.

There are two types of authentication: simple and MD5. Simple authentication requires only a text string

as a password, while MD5 is a form of encrypted authentication that requires a key and a password. Both

types of authentication require the use of more than one command.

Simple Authentication

To enable simple authentication on an interface, enter the ip ospf interface auth-type command with the

interface IP address or interface name, as shown:

-> ip ospf interface 120.5.80.1 auth-type simple

Once simple authentication is enabled, the password must be set with the ip ospf interface auth-key

command, as shown:

-> ip ospf interface 120.5.80.1 auth-key test

In the above instance, only other interfaces with simple authentication and a password of “test” will be

able to use the configured interface.

MD5 Encryption

To configure the same interface for MD5 encryption, enter the ip ospf interface auth-type as shown:

-> ip ospf interface 120.5.80.1 auth-type md5

Once MD5 authentication is set, a key identification and key string must be set with the ip ospf interface

md5 key command. For example to set interface 120.5.80.1 to use MD5 authentication with a key identifi-

cation of 7 and key string of “test”, enter:

-> ip ospf interface 120.5.80.1 md5 7

and

-> ip ospf interface 120.5.80.1 md5 7 key "test"

Note that setting the key ID and key string must be done in two separate commands. Once the key ID and

key string have been set, MD5 authentication is enabled. To disable it, use the ip ospf interface md5

command, as shown:

-> ip ospf interface 120.5.80.1 md5 7 disable

To remove all authentication, enter the ip ospf interface auth-type as follows:

-> ip ospf interface 120.5.80.1 auth-type none

Contents

Main Page Contents Page About This Guide Supported Platforms Unsupported Platforms Who Should Read this Manual? When Should I Read this Manual? What is in this Manual? What is Not in this Manual? How is the Information Organized? Documentation Roadmap Stage 1: Using the Switch for the First Time Stage 2: Gaining Familiarity with Basic Switch Functions Stage 3: Integrating the Switch Into a Network Anytime Related Documentation User Manual CD Technical Support 1 Configuring OSPF In This Chapter OSPF Specifications OSPF Defaults Table Enables OSPF. Enables an area. Enables an interface. Sets the overflow interval value. OSPF Quick Steps 9Assign the OSPF interface to the area and the backbone using the ip ospf interface area command. For example: or 10Enable the OSPF interfaces using the ip ospf interface status command. For example: or 11You can now display the router OSPF settings by using the show ip ospf command. The output gener- 12You can display OSPF area settings using the show ip ospf area command. For example: 13You can display OSPF interface settings using the show ip ospf interface command. For example: OSPF Overview OSPF Areas Classification of Routers Virtual Links Stub Areas OSPF Stub Area Not-So-Stubby-Areas Totally Stubby Areas Equal Cost Multi-Path (ECMP) Routing Non Broadcast OSPF Routing Graceful Restart on Stacks with Redundant Switches Page Configuring OSPF Preparing the Network for OSPF Activating OSPF Loading the Software Enabling OSPF Removing OSPF from Memory Creating an OSPF Area Creating an Area Enabling an Area Specifying an Area Type Enabling and Disabling Summarization Displaying Area Status Deleting an Area Configuring Stub Area Default Metrics Setting Area Ranges Configuring a Totally Stubby Area 1Enter the following commands on Router B: 2Enter the following on Router A: Creating OSPF Interfaces Creating an Interface Assigning an Interface to an Area Activating an Interface Interface Authentication Modifying Interface Parameters belonging to this interface. Creating Virtual Links Creating a Virtual Link Modifying Virtual Link Parameters Creating Redistribution Policies and Filters Specifying an Autonomous System Boundary Router Enabling Redistribution Creating A Redistribution Policy Creating a Redistribution Filter Page Configuring Router Capabilities Configuring Static Neighbors Configuring Redundant Switches in a Stack for Graceful Restart OSPF Application Example Three Area OSPF Network Step 1: Prepare the Routers Page Step 2: Enable OSPF Step 3: Create and Enable the Areas and Backbone Step 4: Create, Enable, and Assign Interfaces Page Step 5: Examine the Network Verifying OSPF Configuration A Software License and Copyright Statements Alcatel License Agreement ALCATEL INTERNETWORKING, INC. (AII) SOFTWARE LICENSE AGREEMENT Page Page Third Party Licenses and Notices A.Booting and Debugging Non-Proprietary Software B. The OpenLDAP Public License: Version 2.4, 8 December 2000 C. Linux D. GNU GENERAL PUBLIC LICENSE: Version 2, June 1991 Preamble GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION Page Page Page Appendix: How to Apply These Terms to Your New Programs E. University of California F. Carnegie-Mellon University G.Random.c H.Apptitude, Inc. I. Agranat J. RSA Security Inc. K. Sun Microsystems, Inc. L. Wind River Systems, Inc. M.Network Time Protocol Version 4 Index A B D E O R S T V