Authentication in OSPFv3

Ondrej Zajicek santiago at crfreenet.org
Sat Mar 17 00:08:12 CET 2018


On Fri, Mar 16, 2018 at 01:58:33AM +0000, Derek Pan wrote:
> Hi Job and Stuart,
> 
> Thanks for your reply. 
> 
> I know the ospfv3 authentication relies on IPsec. 
> But I'm still a little confused with the words:  
> "The default cryptographic algorithm for OSPFv2 keys is Keyed-MD5 and for OSPFv3 keys is HMAC-SHA-256."

Hi

We currently do not support authentication in OSPFv3, but we have some
WiP on RFC 7166, and this note in documentation gets here from that.
So, when we will have RFC 7166, default would be HMAC-SHA-256.

-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."


More information about the Bird-users mailing list