Cisco Systems IOS XR Supported OSPF Network Types, Route Authentication Methods for OSPF Version 2

Implementing OSPF on Cisco IOS XR Software

Information About Implementing OSPF on Cisco IOS XR Software

RC-177

Cisco IOS XR Routing Configuration Guide

•The primary IPv4 address of the interface specified by the OSPF router-id command.

•The 32-bit numeric value specified by the router-id command in global configuration mode. (This

value must be an IPv4 address assigned to an interface on this router.)

•By using the highest IPv4 address on a loopback interface in the system if the router is booted with

saved loopback address configuration.

•The primary IPv4 address of an interface over which this OSPF process is running.

We recommend that the router ID be set by the router-id command in router configuration mode.

Separate OSPF processes could share the same router ID, in which case they cannot reside in the same

OSPF routing domain.

Supported OSPF Network Types

OSPF classifies different media into the following three types of networks by default:

•NBMA networks

•Point-to-point networks (POS)

•Broadcast networks (Gigabit Ethernet)

You can configure your CiscoIO S XR network as either a broadcast or an NBMA network. Using this

feature, you can configure broadcast networks as NBMA networks when, for example, you have routers

in your network that do not support multicast addressing.

Route Authentication Methods for OSPF Version 2

OSPF Version 2 supports two types of authentication: plain text authentication and MD5 authentication.

By default, no authentication is enabled (referred to as null authentication in RFC 2178).

Plain text authentication (also known as Type 1 authentication) uses a password that travels on the

physical medium and is easily visible to someone that does not have access permission and could use the

password to infiltrate a network. Therefore, plain text authentication does not provide security. It might

protect against a faulty implementation of OSPF or a misconfigured OSPF interface trying to send

erroneous OSPF packets.

MD5 authentication provides a means of security. No password travels on the physical medium. Instead,

the router uses MD5 to produce a message digest of the OSPF packet plus the key, which is sent on the

physical medium. Using MD5 authentication prevents a router from accepting unauthorized or

deliberately malicious routing updates, which could compromise your network security by diverting

your traffic.

Note MD5 authentication supports multiple keys, requiring that a key number be associated with a key.