DGS-6604
ip ospf message-digest-key
CLI Reference Guide
291
ip ospf message-digest-key
Use this command to register an MD5 key for OSPF MD5 authentication.
Use the no form of this command to remove an MD5 key.
ip ospf message-digest-key
KEY
-
ID
md5
KEY
no ip ospf message-digest-key
KEY
-
ID
Default
None
Command Mode
Interface configuration
Usage Guideline
Message Digest Authentication is a cryptographic authentication. A key
(password) and key-id are configured on each router. The router uses an
algorithm based on the OSPF packet, the key, and the
KEY
-
ID
to generate a
message digest that gets appended to the packet. Use this command for
uninterrupted transitions between passwords. This is helpful for administrators
who want to change the OSPF password without disrupting communication. The
system begins a rollover process until all the neighbors have adopted the new
password. This allows neighboring routers to continue communication while the
network administrator is updating them with a new password. The router will stop
sending duplicate packets once it detects that all of its neighbors have adopted
the new password.
Maintain only one password per interface, removing the old password whenever
a new one is added. This prevents the local system from continuing to
communicate with the system that is using the old password. Removing the old
password also reduces overhead during rollover. All neighboring routers on the
same network must have the same password value to enable exchange of OSPF
routing data.
Example
The following example shows how to set a new key 10 with password
yourpass
on interface VLAN 1.
Verify the settings by entering the
show ip ospf interface
command.
Syntax Description
KEY-ID
Specifies a value for key identifier. The range is 1 to 255.
KEY
Specifies the OSPF password. The syntax is a general string, 1-16 characters
with no spaces.
Switch# configure terminal
Switch(config)# interface vlan1
Switch(config-if)# ip ospf authentication message-digest
Switch(config-if)# ip ospf message-digest-key 10 md5 yourpass