配置OSPF认证
2008-04-23 18:18
253 查看
OSPF的认证分为基于区域和基于链路的认证两种,其中基于链路的认证优于基于区域的认证。
网络拓扑:
[align=left] [/align]
[align=left]一、基于区域的认证配置[/align]
[align=left] [/align]
[align=left]A、明文认证:[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]Router(config)#hostname RA
RA(config)#interface Loopback0
RA(config-if)#ip address 1.1.1.1 255.255.255.0
RA(config-if)#ip ospf network point-to-point
RA(config-if)#exit
RA(config)#interface Serial0/0
RA(config-if)#ip address 10.0.0.1 255.255.255.0
RA(config-if)#no shutdown
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#ip address 20.0.0.1 255.255.255.0
RA(config-if)#no shutdown
RA(config-if)#exit
RA(config)#router ospf 1
RA(config-router)#router-id 1.1.1.1
RA(config-router)#network 1.1.1.0 0.0.0.255 area 0
RA(config-router)#network 10.0.0.0 0.0.0.255 area 0
RA(config-router)#network 20.0.0.0 0.0.0.255 area 0
RA(config-router)#area 0 authentication
RA(config-router)#exit
RA(config)#interface Serial0/0
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit[/align]
[align=left] [/align]
[align=left]2、RB的配置如下:
Router(config)#hostname RB
RB(config)#interface Loopback0
RB(config-if)#ip address 2.2.2.2 255.255.255.0
RB(config-if)#ip ospf network point-to-point
RB(config-if)#exit
RB(config)#interface Serial0/0
RB(config-if)#ip address 10.0.0.2 255.255.255.0
RB(config-if)#no shutdown
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#ip address 30.0.0.1 255.255.255.0
RB(config-if)#no shutdown
RB(config-if)#exit
RB(config)#router ospf 1
RB(config-router)#router-id 2.2.2.2
RB(config-router)#network 2.2.2.0 0.0.0.255 area 0
RB(config-router)#network 10.0.0.0 0.0.0.255 area 0
RB(config-router)#network 30.0.0.0 0.0.0.255 area 0
RB(config-router)#area 0 authentication
RB(config-router)#exit
RB(config)#interface Serial0/0
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#exit[/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]Router(config)#hostname RC
RC(config)#interface Loopback0
RC(config-if)#ip address 3.3.3.3 255.255.255.0
RC(config-if)#ip ospf network point-to-point
RC(config-if)#exit
RC(config)#interface Serial0/1
RC(config-if)#ip address 20.0.0.2 255.255.255.0
RC(config-if)#no shutdown
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#ip address 30.0.0.2 255.255.255.0
RC(config-if)#no shutdown
RC(config-if)#exit
RC(config)#router ospf 1
RC(config-router)#router-id 3.3.3.3
RC(config-router)#network 3.3.3.0 0.0.0.255 area 0
RC(config-router)#network 20.0.0.0 0.0.0.255 area 0
RC(config-router)#network 30.0.0.0 0.0.0.255 area 0
RC(config-router)#area 0 authentication
RC(config-router)#exit
RC(config)#interface Serial0/1
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit[/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left] [/align]
[align=left]RA#show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has simple password authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0xC461
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]RB#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has simple password authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x908A
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left]
RC#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has simple password authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x5EB2
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]====================================================================[/align]
[align=left] [/align]
[align=left]B、MD5认证:首先,删除明文认证配置;然后,再配置MD5认证。[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]RA(config)#router ospf 1
RA(config-router)#no area 0 authentication
RA(config-router)#area 0 authentication message-digest
RA(config-router)#exit
RA(config)#interface Serial0/0
RA(config-if)#no ip ospf authentication-key cisco
RA(config-if)#ip ospf message-digest-key 1 md5 cisco
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#no ip ospf authentication-key cisco
RA(config-if)#ip ospf message-digest-key 1 md5 cisco
RA(config-if)#exit[/align]
[align=left] [/align]
[align=left]2、RB的配置如下:[/align]
[align=left]RB(config)#router ospf 1
RB(config-router)#no area 0 authentication
RB(config-router)#area 0 authentication message-digest
RB(config-router)#exit
RB(config)#interface Serial0/0
RB(config-if)#no ip ospf authentication-key cisco
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#no ip ospf authentication-key cisco
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-if)#exit[/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]RC(config)#router ospf 1
RC(config-router)#no area 0 authentication
RC(config-router)#area 0 authentication message-digest
RC(config-router)#exit
RC(config)#interface Serial0/1
RC(config-if)#no ip ospf authentication-key cisco
RC(config-if)#ip ospf message-digest-key 1 md5 cisco
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#no ip ospf authentication-key cisco
RC(config-if)#ip ospf message-digest-key 1 md5 cisco
RC(config-if)#exit[/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left] [/align]
[align=left]RA#show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1 and Domain ID 0.
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 ns
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has message digest authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0xC262
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]RB#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has message digest authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x908A
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]RC#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has message digest authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x5CB3
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]====================================================================[/align]
[align=left] [/align]
[align=left]二、基于链路的认证配置[/align]
[align=left] [/align]
[align=left] 基于链路的认证也分为明文认证和MD5认证。配置过程与基于区域的认证的配置过程基本相同;但是,需要删除“启动区域认证”的配置信息。[/align]
[align=left] [/align]
[align=left]A、MD5认证:[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]RA(config)#router ospf 1
RA(config-router)#no area 0 authentication message-digest[/align]
[align=left]RA(config-router)#exit[/align]
[align=left]!
interface Serial0/0
ip address 10.0.0.1 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
interface Serial0/1
ip address 20.0.0.1 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
router ospf 1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 10.0.0.0 0.0.0.255 area 0
network 20.0.0.0 0.0.0.255 area 0
![/align]
[align=left] [/align]
[align=left]2、RB的配置如下:[/align]
[align=left]RB(config)#router ospf 1
RB(config-router)#no area 0 authentication message-digest
RB(config-router)#exit[/align]
[align=left]!
interface Serial0/0
ip address 10.0.0.2 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
interface Serial0/2
ip address 30.0.0.1 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 0
network 10.0.0.0 0.0.0.255 area 0
network 30.0.0.0 0.0.0.255 area 0
![/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]RC(config)#router ospf 1
RC(config-router)#no area 0 authentication message-digest
RC(config-router)#exit[/align]
[align=left]!
interface Serial0/1
ip address 20.0.0.2 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 ci
!
interface Serial0/2
ip address 30.0.0.2 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 ci
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 0
network 20.0.0.0 0.0.0.255 area 0
network 30.0.0.0 0.0.0.255 area 0
![/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left]RA#show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1 and Domain ID 0.0.0.
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has no authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0xBE64
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]====================================================================[/align]
[align=left] [/align]
[align=left]B、明文认证:首先,删除MD5认证信息;然后,再配置明文认证。[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]RA(config)#interface Serial0/0
RA(config-if)#no ip ospf message-digest-key 1 md5 cisco
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#no ip ospf message-digest-key 1 md5 cisco
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit[/align]
[align=left] [/align]
[align=left]2、RB的配置如下:[/align]
[align=left]RB(config)#interface Serial0/0
RB(config-if)#no ip ospf message-digest-key 1 md5 cisco
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#no ip ospf message-digest-key 1 md5 cisco
RB(config-if)#ip ospf authentication-key cisco[/align]
[align=left]RB(config-if)#exit[/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]RC(config)#interface Serial0/1
RC(config-if)#no ip ospf message-digest-key 1 md5 cisco
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#no ip ospf message-digest-key 1 md5 cisco
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit[/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left]RB#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has no authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x8A8D
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left] [/align]本文出自 “Uione” 博客,请务必保留此出处http://weiqijun.blog.51cto.com/338163/73186
网络拓扑:
[align=left] [/align]
[align=left]一、基于区域的认证配置[/align]
[align=left] [/align]
[align=left]A、明文认证:[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]Router(config)#hostname RA
RA(config)#interface Loopback0
RA(config-if)#ip address 1.1.1.1 255.255.255.0
RA(config-if)#ip ospf network point-to-point
RA(config-if)#exit
RA(config)#interface Serial0/0
RA(config-if)#ip address 10.0.0.1 255.255.255.0
RA(config-if)#no shutdown
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#ip address 20.0.0.1 255.255.255.0
RA(config-if)#no shutdown
RA(config-if)#exit
RA(config)#router ospf 1
RA(config-router)#router-id 1.1.1.1
RA(config-router)#network 1.1.1.0 0.0.0.255 area 0
RA(config-router)#network 10.0.0.0 0.0.0.255 area 0
RA(config-router)#network 20.0.0.0 0.0.0.255 area 0
RA(config-router)#area 0 authentication
RA(config-router)#exit
RA(config)#interface Serial0/0
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit[/align]
[align=left] [/align]
[align=left]2、RB的配置如下:
Router(config)#hostname RB
RB(config)#interface Loopback0
RB(config-if)#ip address 2.2.2.2 255.255.255.0
RB(config-if)#ip ospf network point-to-point
RB(config-if)#exit
RB(config)#interface Serial0/0
RB(config-if)#ip address 10.0.0.2 255.255.255.0
RB(config-if)#no shutdown
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#ip address 30.0.0.1 255.255.255.0
RB(config-if)#no shutdown
RB(config-if)#exit
RB(config)#router ospf 1
RB(config-router)#router-id 2.2.2.2
RB(config-router)#network 2.2.2.0 0.0.0.255 area 0
RB(config-router)#network 10.0.0.0 0.0.0.255 area 0
RB(config-router)#network 30.0.0.0 0.0.0.255 area 0
RB(config-router)#area 0 authentication
RB(config-router)#exit
RB(config)#interface Serial0/0
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#exit[/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]Router(config)#hostname RC
RC(config)#interface Loopback0
RC(config-if)#ip address 3.3.3.3 255.255.255.0
RC(config-if)#ip ospf network point-to-point
RC(config-if)#exit
RC(config)#interface Serial0/1
RC(config-if)#ip address 20.0.0.2 255.255.255.0
RC(config-if)#no shutdown
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#ip address 30.0.0.2 255.255.255.0
RC(config-if)#no shutdown
RC(config-if)#exit
RC(config)#router ospf 1
RC(config-router)#router-id 3.3.3.3
RC(config-router)#network 3.3.3.0 0.0.0.255 area 0
RC(config-router)#network 20.0.0.0 0.0.0.255 area 0
RC(config-router)#network 30.0.0.0 0.0.0.255 area 0
RC(config-router)#area 0 authentication
RC(config-router)#exit
RC(config)#interface Serial0/1
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit[/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left] [/align]
[align=left]RA#show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has simple password authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0xC461
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]RB#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has simple password authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x908A
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left]
RC#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has simple password authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x5EB2
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]====================================================================[/align]
[align=left] [/align]
[align=left]B、MD5认证:首先,删除明文认证配置;然后,再配置MD5认证。[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]RA(config)#router ospf 1
RA(config-router)#no area 0 authentication
RA(config-router)#area 0 authentication message-digest
RA(config-router)#exit
RA(config)#interface Serial0/0
RA(config-if)#no ip ospf authentication-key cisco
RA(config-if)#ip ospf message-digest-key 1 md5 cisco
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#no ip ospf authentication-key cisco
RA(config-if)#ip ospf message-digest-key 1 md5 cisco
RA(config-if)#exit[/align]
[align=left] [/align]
[align=left]2、RB的配置如下:[/align]
[align=left]RB(config)#router ospf 1
RB(config-router)#no area 0 authentication
RB(config-router)#area 0 authentication message-digest
RB(config-router)#exit
RB(config)#interface Serial0/0
RB(config-if)#no ip ospf authentication-key cisco
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#no ip ospf authentication-key cisco
RB(config-if)#ip ospf message-digest-key 1 md5 cisco
RB(config-if)#exit[/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]RC(config)#router ospf 1
RC(config-router)#no area 0 authentication
RC(config-router)#area 0 authentication message-digest
RC(config-router)#exit
RC(config)#interface Serial0/1
RC(config-if)#no ip ospf authentication-key cisco
RC(config-if)#ip ospf message-digest-key 1 md5 cisco
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#no ip ospf authentication-key cisco
RC(config-if)#ip ospf message-digest-key 1 md5 cisco
RC(config-if)#exit[/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left] [/align]
[align=left]RA#show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1 and Domain ID 0.
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 ns
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has message digest authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0xC262
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]RB#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has message digest authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x908A
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]RC#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has message digest authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x5CB3
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]====================================================================[/align]
[align=left] [/align]
[align=left]二、基于链路的认证配置[/align]
[align=left] [/align]
[align=left] 基于链路的认证也分为明文认证和MD5认证。配置过程与基于区域的认证的配置过程基本相同;但是,需要删除“启动区域认证”的配置信息。[/align]
[align=left] [/align]
[align=left]A、MD5认证:[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]RA(config)#router ospf 1
RA(config-router)#no area 0 authentication message-digest[/align]
[align=left]RA(config-router)#exit[/align]
[align=left]!
interface Serial0/0
ip address 10.0.0.1 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
interface Serial0/1
ip address 20.0.0.1 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
router ospf 1
log-adjacency-changes
network 1.1.1.0 0.0.0.255 area 0
network 10.0.0.0 0.0.0.255 area 0
network 20.0.0.0 0.0.0.255 area 0
![/align]
[align=left] [/align]
[align=left]2、RB的配置如下:[/align]
[align=left]RB(config)#router ospf 1
RB(config-router)#no area 0 authentication message-digest
RB(config-router)#exit[/align]
[align=left]!
interface Serial0/0
ip address 10.0.0.2 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
interface Serial0/2
ip address 30.0.0.1 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 cisco
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.0 0.0.0.255 area 0
network 10.0.0.0 0.0.0.255 area 0
network 30.0.0.0 0.0.0.255 area 0
![/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]RC(config)#router ospf 1
RC(config-router)#no area 0 authentication message-digest
RC(config-router)#exit[/align]
[align=left]!
interface Serial0/1
ip address 20.0.0.2 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 ci
!
interface Serial0/2
ip address 30.0.0.2 255.255.255.0
ip ospf authentication
ip ospf message-digest-key 1 md5 ci
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.0 0.0.0.255 area 0
network 20.0.0.0 0.0.0.255 area 0
network 30.0.0.0 0.0.0.255 area 0
![/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left]RA#show ip ospf
Routing Process "ospf 1" with ID 1.1.1.1 and Domain ID 0.0.0.
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has no authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0xBE64
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left]====================================================================[/align]
[align=left] [/align]
[align=left]B、明文认证:首先,删除MD5认证信息;然后,再配置明文认证。[/align]
[align=left] [/align]
[align=left]1、RA的配置如下:[/align]
[align=left]RA(config)#interface Serial0/0
RA(config-if)#no ip ospf message-digest-key 1 md5 cisco
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit
RA(config)#interface Serial0/1
RA(config-if)#no ip ospf message-digest-key 1 md5 cisco
RA(config-if)#ip ospf authentication-key cisco
RA(config-if)#exit[/align]
[align=left] [/align]
[align=left]2、RB的配置如下:[/align]
[align=left]RB(config)#interface Serial0/0
RB(config-if)#no ip ospf message-digest-key 1 md5 cisco
RB(config-if)#ip ospf authentication-key cisco
RB(config-if)#exit
RB(config)#interface Serial0/2
RB(config-if)#no ip ospf message-digest-key 1 md5 cisco
RB(config-if)#ip ospf authentication-key cisco[/align]
[align=left]RB(config-if)#exit[/align]
[align=left] [/align]
[align=left]3、RC的配置如下:[/align]
[align=left]RC(config)#interface Serial0/1
RC(config-if)#no ip ospf message-digest-key 1 md5 cisco
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit
RC(config)#interface Serial0/2
RC(config-if)#no ip ospf message-digest-key 1 md5 cisco
RC(config-if)#ip ospf authentication-key cisco
RC(config-if)#exit[/align]
[align=left] [/align]
[align=left]4、验证配置:[/align]
[align=left]RB#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2 and Domain ID 0.0.0.1
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0) (Inactive)
Number of interfaces in this area is 3
Area has no authentication
SPF algorithm executed 1 times
Area ranges are
Number of LSA 1. Checksum Sum 0x8A8D
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0[/align]
[align=left] [/align]
[align=left] [/align]本文出自 “Uione” 博客,请务必保留此出处http://weiqijun.blog.51cto.com/338163/73186
相关文章推荐
- BSCI实验之十三:配置点到点链路OSPF及认证
- BSCI实验之十三:配置点到点链路OSPF及认证
- 配置单区域OSPF认证
- BSCI―9:配置OSPF认证
- OSPF认证方式及配置详解
- 配置OSPF认证
- 关于ospf区域认证以及虚链路之间的配置问题
- 点到点多区域OSPF的安全认证和vritual-link(虚链路)的作用及配置.
- CCNP第四天(4) 配置OSPF认证
- 配置OSPF认证详解
- 配置点到点链路OSPF及认证
- 网络设备之间配置OSPF认证
- 华为OSPF多区域、认证配置
- 华为OSPF多区域、认证配置
- OSPF认证的配置
- 配置单区域OSPF认证
- RIPv2-EIGRP-BGP-OSPF[链路-区域-虚链路][明文-MD5]各认证配置
- NE系列路由器V5版本OSPF邻居认证的配置
- 配置OSPF认证详解