OSPF protocol exchanges can be authenticated so that only trusted routing devices can participate. This
ensures less processing on routing devices that are not listening to OSPF packets.
OSPF allows packet authentication and uses IP multicast when sending and receiving packets. Routers
participate in routing domains based on predefined passwords. The switch software supports simple
password (type 1 plain text passwords) and MD5 cryptographic authentication. This type of
authentication allows a password to be configured per area.
The following figure shows authentication configured for area 0 with the password test. Simple
authentication is also configured for the virtual link between area 2 and area 0. Area 1 is not configured
for OSPF authentication.
To configure simple plain text OSPF passwords on the switches shown in the figure use the following
Enable OSPF authentication for Area 0 on switches 1, 2, and 3.
>> # /cfg/l3/ospf/aindex 0/auth password
Configure a simple text password up to eight characters for each OSPF IP interface in Area 0 on
switches 1, 2, and 3.
>> # /cfg/l3/ospf/if 1
>> OSPF Interface 1 # key test
>> OSPF Interface 1 # ../if 2
>> OSPF Interface 2 # key test
>> OSPF Interface 1 # ../if 3
>> OSPF Interface 3 # key test
Enable OSPF authentication for Area 2 on switch 4.
>> # /cfg/l3/ospf/aindex 2/auth password
Configure a simple text password up to eight characters for the virtual link between Area 2 and
Area 0 on switches 2 and 4.
>> # /cfg/l3/ospf/virt 1/key packard