DXS-3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide
912
75-16
ip ospf message-digest-key
This command is used to configure the MD5 digest key for OSPF MD5 authentication. Use the
no
command to remove an MD5 key.
ip ospf message-digest-key KEY-ID md5 KEY
no ip ospf message-digest-key KEY-ID
Parameters
KEY-ID
Specifies the key identifier. The range is from 1 to 255.
KEY
Specifies the OSPF MD5 message digest key. The syntax is general
string that does not allow spaces. This key can be up to 16 characters
long.
Default
None.
Command Mode
Interface Configuration Mode.
Command Default Level
Level: 12.
Usage Guideline
The authentication for OSPF messages can be either operated in the password mode or MD5 digest
mode. This command defines the message digest key used by the MD5 digest mode.
In MD5 digest mode, the OSPF message sender will compute a message digest based on the message
digest key for the TX message. The message digest and the key ID will be encoded in the packet. The
receiver of the packet will verify the digest in the message against the digest computed based on the
locally defined message digest key corresponding to the same key ID.
The same key ID on the neighboring router should be defined with the same key string.
All the neighboring routers on the same interface must use the same key to exchange the OSPF packet
with each other. Normally, all neighboring routers on the interface use the same key
With the MD5 digest mode, the user can rollover to a new key without disrupting the current message
exchange using the new key. Supposed that a router is currently using an old key to exchange OSPF
packets with the neighbor router, as the user configures a new key, the router will start the roll over
process by sending duplicated packets for both of the old and the new key. The router will stop sending
duplicated packets until it find that all routers on the network have learned the new key. After the rollover
process completed, the user should delete the old key to prevent the router from communicating with
router using the old key.
Example
This example shows how to configure a new key 10 with the password “yourpass” on the interface VLAN
1.
Switch# configure terminal
Switch(config)# interface vlan1
Switch(config-if)# ip ospf authentication message-digest
Switch(config-if)# ip ospf message-digest-key 10 md5 yourpass
Switch(config-if)#
Summary of Contents for DXS-3600 Series
Page 1: ......
Page 423: ...DXS 3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide 418 ...
Page 548: ...DXS 3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide 543 ...
Page 673: ...DXS 3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide 668 ...
Page 712: ...DXS 3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide 707 Switch ...
Page 845: ...DXS 3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide 840 ...
Page 884: ...DXS 3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide 879 ...
Page 1152: ...DXS 3600 Series Layer 3 Managed 10Gigabit Ethernet Switch CLI Reference Guide 1147 ...