Authentication
400
NE2552E Application Guide for ENOS 8.4
OSPF protocol exchanges can be authenticated so that only trusted routing devices
can participate. This ensures less processing on routing devices that are not
listening to OSPF packets.
OSPF allows packet authentication and uses IP multicast when sending and
receiving packets. Routers participate in routing domains based on pre‐defined
passwords. Lenovo ENOS supports simple password (type 1 plain text passwords)
and MD5 cryptographic authentication. This type of authentication allows a
password to be configured per area.
We strongly recommend that you implement MD5 cryptographic authentication as
a best practice.
Figure
shows authentication configured for area 0 with the password test.
Simple authentication is also configured for the virtual link between area 2 and
area 0. Area 1 is not configured for OSPF authentication.
Figure 44. OSPF Authentication
Application
Switch 5
IF 5
Area 2
Switch 4
Area 1
Application
Switch 2
IF 1
ABR
IF 4
Virtual link
key=blade
Area 0
Simple authentication
key=test
IF 2
Switch 3
Application
Switch 1
IF 3
ASBR to
external networks