Ip Ospf Message-Digest-Key - Allied Telesis SwitchBlade x908 Series Software Reference Manual

OSPF Commands

ip ospf message-digest-key

This command registers an MD5 key for OSPF MD5 authentication.
Message Digest Authentication is a cryptographic authentication. A key (password) and key-id
are configured on each router. The router uses an algorithm based on the OSPF packet, the
key, and the key-id to generate a message digest that gets appended to the packet.
Use this command for uninterrupted transitions between passwords. It allows you to add a
new key without having to delete the existing key. While multiple keys exist, all OSPF packets
will be transmitted in duplicate; one copy of the packet will be transmitted for each of the
current keys. This is helpful for administrators who want to change the OSPF password without
disrupting communication. The system begins a rollover process until all the neighbors have
adopted the new password. This allows neighboring routers to continue communication while
the network administrator is updating them with a new password. The router will stop sending
duplicate packets once it detects that all of its neighbors have adopted the new password.
Maintain only one password per interface, removing the old password whenever you add a
new one. This will prevent the local system from continuing to communicate with the system
that is using the old password. Removing the old password also reduces overhead during
rollover. All neighboring routers on the same network must have the same password value to
enable exchange of OSPF routing data.
By default, there is no MD5 key registered.
The no form of this command removes the MD5 key.
Syntax
ip ospf [<ip-address>] message-digest-key <key-id> md5 <pswd-long>
no ip ospf [<ip-address>] message-digest-key <key-id>
Parameter
<ip-address>
<key-id>
md5
<pswd-long>
Interface mode
Mode
The following example shows OSPF authentication on the interface VLAN5 when IP address
Examples
has not been specified.
36.34
Description
The IPv4 address of the interface, in dotted decimal notation.
A key ID number specified as an integer between 1 and 255.
Use the MD5 algorithm.
The OSPF password. This is a string of 1 to 16 characters including
spaces.
awplus# configure terminal
awplus(config)# interface VLAN5
awplus(config-if)# ip ospf authentication message-digest
awplus(config-if)# ip ospf message-digest-key 1 md5 yourpass
Software Reference for SwitchBlade® x908, x900 and x600 Series Switches
TM
AlliedWare Plus Operating System - Software Version 5.3.1 C613-50007-01 REV B