Security; Simple Password Mechanism; Message Digest 5 (Md5) - Avaya 8600 Engineering

Ethernet routing switch

6. Security

The Ethernet Routing Switch 8600 implementation of OSPF includes security mechanisms to prevent the
OSPF routing domain from being attacked by unauthorized routers. This prevents someone from joining
an OSPF domain and advertising false information in its OSPF LSAs. Likewise, it prevents a
misconfigured router from joining an OSPF domain.
6.1 Simple Password Mechanism

The Simple Password mechanism is a plain-text password mechanism: only routers that contain the same
authentication id in their LSA headers can communicate with each other. To configure a simple password,
use the following commands.
Brouter Ports:
config ethernet x/y ip ospf authentication-type simple
config ethernet x/y ip ospf authentication-key <string>
Where:
x = slot #
y = port #
VLAN:
config vlan x ip ospf authentication-type simple
config vlan x ip ospf authentication-key <string>
Where:
x = VLAN #
The problem with this feature is that the password is stored in plain text and can be read off the config file
or LSA packet.
6.2 Message Digest 5 (MD5)

This is the preferred method of OSPF security as it provides standards-based (RFC 1321) authentication
using 128-bit encryption. It is almost impossible to compute or extrapolate the decryption codes from the
OSPF packets. Each OSPF packet has a message digest appended to it, which must match between the
sending and receiving routers. The message digest is calculated on each side, based on the MD5 key
and any padding, and then compared; if the digests do not match, the packet is rejected.
The first step is to create an MD5 key and key-id and then set the authentication type to message-digest.
config ip ospf interface <IP address> add-message-digest-key <md5-key-id> md5-key <value>
config ip ospf interface <IP address> authentication-type message-digest
Where:
md5-key-id = 1-255
md5-key value = alphanumeric password of up to 16 bytes {string length 0..16}
auth-type = authentication type {none|simple|message-digest}
November 2010
ERS 8600 / 8800 OSPF Technical Configuration Guide
avaya.com
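The difference between sections 6.1 and 6.2 on the wire, as an added Python example that is not part of the Avaya guide: it builds both packet forms using the OSPFv2 header layout and Appendix D of RFC 2328, then runs the receiver-side digest check. The function names are hypothetical, and the router ID, keys, sequence numbers and body bytes are constructed sample values.

```python
import hashlib, hmac, struct

OSPF_HDR = struct.Struct("!BBH4s4sHH8s")  # 24-byte OSPFv2 header, RFC 2328 A.3.1

def build_header(auth_type, auth_field, body_len):
    # Constructed values: Hello (type 1), router ID 192.0.2.1, area 0.0.0.0.
    # Checksum is 0 by rule for AuType 2; its computation is omitted for AuType 1.
    return OSPF_HDR.pack(2, 1, OSPF_HDR.size + body_len, bytes([192, 0, 2, 1]),
                         bytes(4), 0, auth_type, auth_field)

def simple_packet(password, body):
    # AuType 1: the password itself rides in the 8-byte authentication field.
    return build_header(1, password.ljust(8, b"\0"), len(body)) + body

def md5_packet(key, key_id, seq, body):
    # AuType 2: field holds 0, key ID, digest length (16), crypto sequence number.
    auth = struct.pack("!HBBI", 0, key_id, 16, seq)
    pkt = build_header(2, auth, len(body)) + body
    # Digest covers the packet plus the key padded to 16 bytes; only the
    # digest is appended, so the key never appears in the packet.
    return pkt + hashlib.md5(pkt + key.ljust(16, b"\0")).digest()

def verify_md5(packet, keys, last_seq):
    """Receiver side: True only if the key ID is known, the sequence number
    is not older than the last one accepted, and the digest matches."""
    if len(packet) < OSPF_HDR.size:
        return False
    fields = OSPF_HDR.unpack_from(packet)
    length, auth_type, auth = fields[2], fields[6], fields[7]
    if auth_type != 2:
        return False
    _, key_id, dlen, seq = struct.unpack("!HBBI", auth)
    key = keys.get(key_id)
    if key is None or dlen != 16 or seq < last_seq or len(packet) != length + dlen:
        return False
    expected = hashlib.md5(packet[:length] + key.ljust(16, b"\0")).digest()
    return hmac.compare_digest(expected, packet[length:])

if __name__ == "__main__":
    body = b"constructed-hello-body"
    print("simple:", simple_packet(b"lab-pass", body).hex())  # password visible
    pkt = md5_packet(b"lab-md5-key", 1, 100, body)
    print("md5 ok:", verify_md5(pkt, {1: b"lab-md5-key"}, last_seq=100))
```

The digest only authenticates the packet; the OSPF contents themselves still travel unencrypted, and the sequence-number check is what rejects a captured packet that is replayed later.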


This manual is also suitable for:

8800
