OS10 Enterprise Edition User Guide Release 10.4.0E(R3)


ipv6 ospf authentication

Configures OSPFv3 authentication on an IPv6 interface.

ipv6 ospf authentication {null | ipsec spi number {MD5 | SHA1} key}
  • null — Prevents area authentication from being inherited on the interface.
  • ipsec spi number — Enter a unique security policy index number (256 to 4294967295).
  • md5 — Enable MD5 authentication.
  • sha1 — Enable SHA-1 authentication.
  • key — Enter the text string used by the authentication type.
IPv6 OSPF authentication is not configured on an interface.
Command Mode
Usage Information
  • Before you enable IPsec authentication on an OSPFv3 interface, you must enable IPv6 unicast routing globally, configure an IPv6 address and enable OSPFv3 on the interface, and assign it to an area.
  • The SPI value must be unique to one IPsec security policy (authentication or encryption) on the router. You cannot configure the same SPI value on another interface even if it uses the same authentication or encryption algorithm.
  • You cannot use an IPsec authentication type (MD5 or SHA-1) and the null setting at same time on an interface. These settings are mutually exclusive.
  • All neighboring OSPFv3 routers must share the key to exchange information. Only a non-encrypted key is supported. For MD5 authentication, the non-encrypted key must be 32 plain hex digits. For SHA-1 authentication, the non-encrypted key must be 40 hex digits. An encrypted key is not supported.
OS10(config)# interface ethernet 1/1/6
                                       OS10(conf-if-eth1/1/6)# ipv6 ospf authentication ipsec spi 400 md5 12345678123456781234567812345678
Supported Releases
10.4.0E(R1) or later

Rate this content

Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\