VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
OSPF Authentication
1.
2. OSPF can authenticate every OSPF message. This is usually done
to prevent a rogue router from injecting false routing
information and therefore causing a Denial-of-Service attack.
Two types of authentication can be used:
1. clear text authentication – clear text passwords are used
2. MD5 authentication – MD5 authentication is used. This type
of authentication of more secure.
NOTE – with OSPF authentication turned on, routers must pass
the authentication process in order to become OSPF neighbors
3. To configure clear text authentication, the following steps are
required:
1. configure the OSPF password on the interface by using the ip
ospf authentication-key PASSWORD interface command
2. configure the interface to use OSPF clear-text authentication
by using the ip ospf authentication interface command
In the following example, we will configure OSPF clear-text
authentication.
4. Both routers are running OSPF. On R1, we need to enter the
following commands:
The same commands have to be entered on R2:
5. To verify that clear-text authentication is indeed turned on, we
can use the show ip ospf interface
INTERFACE_NUMBER/INTERFACE_TYPE command on either
router:
6. Configuring OSPF MD5 authentication is very similar to
configuring clear-text authentication. Two commands are also
used:
1. First you need to configure the MD5 value on an interface by
using the ip ospf message-digest-key 1 md5 VALUE interface
command
2. Next, you need to configure the interface to use MD5
authentication by using the ip ospf authentication message-
digest interface command
Here is an example configuration on R1:
7. You can verify that R1 is using OSPF MD5 authentication by
typing the show ip ospf
INTERFACE/INTERFACE_TYPE command:
8. TIP – OSPF authentication type can also be enabled on an area
basis, instead of configuring OSPF authentication type per
interface basis. This is done by using the area AREA_ID
authentication [message-digest] command under the OSPF
configuration mode. If you omit the message-digest keyword, a
clear-text authentication will be used for that area. All interfaces
inside the area will use OSPF authentication.