juniper OSPF authentication

 

 

 R1和R2为区域1,R2和R3为区域0.在R1和R2上进行MD5认证

root@R1# show      
## Last changed: 2012-10-31 00:38:05 UTC
version 11.1R1.14;
system {
    host-name R1;
    root-authentication {
        encrypted-password 123; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    em0 {
        unit 0 {
            family inet {              
                address 10.1.12.1/24;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 1.1.1.1/24;
            }
        }
    }
}
routing-options {
    max-interface-supported 0;
}
protocols {
    ospf {
        traceoptions {    
            file ospf;      ##定义个追踪文件名为OSPF
            flag error detail;
            flag hello detail;
        }
        area 0.0.0.1 {                 
            interface lo0.0;
            interface em0.0 {
                authentication {
                    md5 10 key "$9$VgsgJikP36AGD6Ap0hcbs2"; ## SECRET-DATA
                }
            }
        }
    }
}

[edit]

 

root@R2# show
## Last changed: 2012-10-31 01:05:53 UTC
version 11.1R1.14;
system {
    host-name R2;
    root-authentication {
        encrypted-password 123; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    em0 {
        unit 0 {
            family inet {              
                address 10.1.23.1/24;
            }
        }
    }
    em1 {
        unit 0 {
            family inet {
                address 10.1.12.2/24;
            }
        }
    }
}
routing-options {
    max-interface-supported 0;
}
protocols {
    ospf {
        area 0.0.0.1 {
            interface em1.0 {
                authentication {
                    md5 10 key "$9$IV0hyKX7V4aUM8aUjH5TRhS"; ## SECRET-DATA
                }
            }                          
        }
        area 0.0.0.0 {
            interface em0.0;
        }
    }
}

[edit]

如果设置密码不一致时

R1上的monitor

root@R1# run monitor start ospf   //监视文件ospf

Oct 31 00:37:23.163572 OSPF hello from 10.1.12.2 (IFL 69, area 0.0.0.1) absorbed
Oct 31 00:37:23.163572 OSPF hello from 10.1.12.2 (IFL 69, area 0.0.0.1) absorbed
Oct 31 00:37:25.254799 OSPF packet ignored: authentication failure (bad cksum).
Oct 31 00:37:25.254926 OSPF packet ignored: authentication failure from 10.1.12.2
Oct 31 00:37:25.261828 OSPF packet ignored: authentication failure (bad cksum).
Oct 31 00:37:25.261981 OSPF packet ignored: authentication failure from 10.1.12.2

 

 

root@R2# run show ospf interface detail  
Interface           State   Area            DR ID           BDR ID          Nbrs
em0.0               BDR     0.0.0.0         10.1.23.2       10.1.12.2          1
  Type: LAN, Address: 10.1.23.1, Mask: 255.255.255.0, MTU: 1500, Cost: 1
  DR addr: 10.1.23.2, BDR addr: 10.1.23.1, Priority: 128
  Adj count: 1
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub
  Auth type: None
  Protection type: None
  Topology default (ID 0) -> Cost: 1
em1.0               DR      0.0.0.1         10.1.12.2       1.1.1.1            1
  Type: LAN, Address: 10.1.12.2, Mask: 255.255.255.0, MTU: 1500, Cost: 1
  DR addr: 10.1.12.2, BDR addr: 10.1.12.1, Priority: 128
  Adj count: 1
  Hello: 10, Dead: 40, ReXmit: 5, Not Stub
  Auth type: MD5, Active key ID: 10, Start time: 1970 Jan  1 00:00:00 UTC
  Protection type: None
  Topology default (ID 0) -> Cost: 1

[edit]

本文出自 “侯志清” 博客,谢绝转载!

你可能感兴趣的:(MD5,Authentication,juniper,ospf)