• OSPF Supports authentication against routing injection.
  • Every Hello, Update, LSR includes authentication info.

Auth Types:

  • Type 0 – Null
  • Type 1 – Simple
  • Type 2 – MD5/SHA

Configuration:

  • OSPF Process
    • area <#> authentication
  • Link Level
    • ip ospf authentication
      • Overrides global process
  • Password always configured on the link
    • ip ospf authentication-key
    • ip ospf message-digest key
  • Key IDs must obviously match.
  • Virtual Link
    • Area 0 Interface
    • Inherits rules of authentication
    • Key goes at the interface.
    • Type can be configured globally or at interface.
    • Runs as demand circuit.

Examples:

Authentication between R4 and R5 Area 0:

Router OSPF Process
Router OSPF Process
Interface Message Digest Config
Interface Message Digest Config

This can be confirmed with the ospf interface command:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s