OSPF - wAlber47/Tech-Journal GitHub Wiki

In order to configure OSPF you need to create an OSPF instance on each router interface.

• Create an OSPF instance with router ospf <instance-#>. Make sure you do this on each Router.
• (config-router)# network <network-address> <wildcard-mask> area <area-#>. You need to do this for each subnet on your network.

There are three different types of authentication available for OSPF:

1. Null authentication: Null authentication means that there is no authentication, this is what was set up above.
2. Clear text authentication: In this method of authentication, passwords are exchanged in clear text on the network.
3. Cryptographic authentication: The cryptographic method uses the open standard MD5 encryption.

1. On each interface:
   1. Select router interface.
   2. Router(config-if)# ip ospf authentication message-digest
   3. Router(config-if)# ip ospf message-digest-key <key> md5 <passphrase>
   4. Repeat on every OSPF interface, only neighbors need the same passphrase.

1. On each interface:
   1. Select router interface.
   2. Router(config-if)# ip ospf authentication
   3. Router(config-if)# ip ospf authentication-key <passphrase>
   4. Repeat on every OSPF interface.

There are two main reasons that authentication fails, type mismatch and key mismatch.

1. To test authentication type mismatch, if errors are found they will show up:
   1. Router# debug ip ospf adj
2. To test type mismatch, run this command and look for it to tell you your "key id" somewhere towards the bottom.
   1. Router# sh ip ospf int <interface>