Configuring OSPF authentication

Perform this task to configure OSPF area and interface authentication.

OSPF adds the configured password into sent packets, and uses the password to authenticate received packets. Only packets that pass the authentication can be received. If a packet fails the authentication, the OSPF neighbor relationship cannot be established.

If you configure OSPF authentication for both an area and an interface in that area, the interface uses the OSPF authentication configured on it.

Configuring OSPF area authentication

You must configure the same authentication mode and password on all the routers in an area.

To configure OSPF area authentication:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Enter OSPF view.	ospf [ process-id \| router-id router-id \| vpn-instance vpn-instance-name ] *	N/A
3. Enter area view.	area area-id	N/A
4. Configure area authentication mode.	Configure MD5 authentication:authentication-mode { hmac-md5 \| md5 } key-id { cipher \| plain } password Configure simple authentication:authentication-mode simple { cipher \| plain } password	Use either method. By default, no authentication is configured.

Configuring OSPF interface authentication

You must configure the same authentication mode and password on both the local interface and its peer interface.

To configure OSPF interface authentication:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter interface view.

interface interface-type interface-number

N/A

3. Configure interface authentication mode.

Configure simple authentication:ospf authentication-mode simple { cipher cipher-string | plain plain-string }
Configure MD5 authentication:ospf authentication-mode { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string }

Use either method.

By default, no authentication is configured.

prev	up	next
Configuring stub routers	home	Adding the interface MTU into DD packets