Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Dell PowerEdge FN I/O Module Command Line Reference Guide 9.10(0.0)

PDF

ipv6 ospf encryption

Configure an IPsec encryption policy for OSPFv3 packets on an IPv6 interface.

Syntax ipv6 ospf encryption {null | ipsec spi number esp encryption-algorithm [ key-encryption-type] key athentication-algorithm [ key-encryption-type] key}}

To remove an IPsec encryption policy from an interface, use the no ipv6 ospf encryption spi number command.

To remove null authentication on an interface to allow the interface to inherit the authentication policy configured for the OSPFv3 area, use the no ipv6 ospf encryption null command.

Parameters
null Causes an encryption policy configured for the area to not be inherited on the interface.
ipsec spi number Security Policy index (SPI) value that identifies an IPsec security policy. The range is from 256 to 4294967295.
esp encryption-algorithm

Encryption algorithm used with ESP.

Valid values are: 3DES, DES, AES-CBC, and NULL.

For AES-CBC, only the AES-128 and AES-192 ciphers are supported.

key-encryption-type

(OPTIONAL) Specifies if the key is encrypted.

Valid values: 0 (key is not encrypted) or 7 (key is encrypted).

key

Text string used in authentication.

The required lengths of a non-encrypted or encrypted key are:

3DES - 48 or 96 hex digits; DES - 16 or 32 hex digits; AES-CBC -32 or 64 hex digits for AES-128 and 48 or 96 hex digits for AES-192.

authentication-algorithm Specifies the authentication algorithm to use for encryption. Valid values are MD5 or SHA1.
key-encryption-type

(OPTIONAL) Specifies if the authentication key is encrypted.

Valid values: 0 (key is not encrypted) or 7 (key is encrypted).

key

Text string used in authentication.

For MD5 authentication, the key must be 32 hex digits (non-encrypted) or 64 hex digits (encrypted).

For SHA-1 authentication, the key must be 40 hex digits (non-encrypted) or 80 hex digits (encrypted).

Defaults Not configured.
Command Modes INTERFACE
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information

Before you enable IPsec encryption on an OSPFv3 interface, first enable IPv6 unicast routing globally, configure an IPv6 address and enable OSPFv3 on the interface, and assign the interface to an area.

An SPI value must be unique to one IPsec security policy (authentication or encryption) on the router. Configure the same encryption policy (same SPI and key) on each OSPFv3 interface in a link.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\