Modify Virtual Link Parameters - Foundry Networks FESX Manual

Foundry Configuration Guide for the FESX, FSX, and FWSX

Modify Virtual Link Parameters

OSPF has some parameters that you can modify for virtual links. Notice that these are the same parameters as
the ones you can modify for physical interfaces.
You can modify default values for virtual links using the following CLI command at the OSPF router level of the
CLI, as shown in the following syntax:
Syntax: area <num> | <ip-addr> virtual-link <ip-addr> [authentication-key [0 | 1] <string>] [dead-interval <num>]
[hello-interval <num>] [md5-authentication key-activation-wait-time <num> | key-id <num> [0 | 1] key <string>]
[retransmit-interval <num>] [transmit-delay <num>]
The parameters are described below. For syntax information, see the Foundry Switch and Router Command Line
Interface Reference.
Virtual Link Parameter Descriptions
You can modify the following virtual link interface parameters:
Authentication Key: This parameter allows you to assign different authentication methods on a port-by-port
basis. OSPF supports three methods of authentication for each interface—none, simple password, and MD5.
Only one method of authentication can be active on an interface at a time.
The simple password method of authentication requires you to configure an alphanumeric password on an
interface. The password can be up to eight characters long. The simple password setting takes effect
immediately. All OSPF packets transmitted on the interface contain this password. All OSPF packets received on
the interface are checked for this password. If the password is not present, then the packet is dropped.
The MD5 method of authentication encrypts the authentication key you define. The authentication is included in
each OSPF packet transmitted.
MD5 Authentication Key: When simple authentication is enabled, the key is an alphanumeric password of up to
eight characters. When MD5 is enabled, the key is an alphanumeric password of up to 16 characters that is later
encrypted and included in each OSPF packet transmitted. You must enter a password in this field when the
system is configured to operate with either simple or MD5 authentication.
MD5 Authentication Key ID: The Key ID is a number from 1 – 255 and identifies the MD5 key that is being used.
This parameter is required to differentiate among multiple keys defined on a router.
MD5 Authentication Wait Time: This parameter determines when a newly configured MD5 authentication key is
valid. This parameter provides a graceful transition from one MD5 key to another without disturbing the network.
All new packets transmitted after the key activation wait time interval use the newly configured MD5 Key. OSPF
packets that contain the old MD5 key are accepted for up to five minutes after the new MD5 key is in operation.
The range for the key activation wait time is from 0 – 14400 seconds. The default value is 300 seconds.
Hello Interval: The length of time between the transmission of hello packets. The range is 1 – 65535 seconds.
The default is 10 seconds.
Retransmit Interval: The interval between the re-transmission of link state advertisements to router adjacencies
for this interface. The range is 0 – 3600 seconds. The default is 5 seconds.
Transmit Delay: The period of time it takes to transmit Link State Update packets on the interface. The range is
0 – 3600 seconds. The default is 1 second.
Dead Interval: The number of seconds that a neighbor router waits for a hello packet from the current router
before declaring the router down. The range is 1 – 65535 seconds. The default is 40 seconds.
Encrypted Display of the Authentication String or MD5 Authentication Key
The optional 0 | 1 parameter with the authentication-key and md5-authentication key-id parameters affects
encryption.
For added security, FastIron devices encrypt display of the password or authentication string. Encryption is
enabled by default. The software also provides an optional parameter to disable encryption of a password or
authentication string, on an individual OSPF area or OSPF interface basis.
20 - 20 © Foundry Networks, Inc. December 2005