Brocade Virtual ADX Switch and Router Guide (Supporting ADX v03.1.00) User Manual
Page 194
180
Brocade Virtual ADX Switch and Router Guide
53-1003246-01
Enabling OSPFv3
7
Displaying IPsec for a virtual link
To display IPsec for a virtual link, run the show ipv6 ospf virtual-link command, as the following
example illustrates.
Syntax: show ipv6 ospf virtual-link
Changing a key
In this example, the key is changed as illustrated in the two command lines that follow. Note that
the SPI value is changed from 300 to 310 to comply with the requirement that you change the SPI
when you change the key.
Initial configuration command.
Virtual ADX(config-if-e10000-1)#ipv6 ospf auth ipsec spi 300 esp sha1
no-encrypt 12345678900987655431234567890aabbccddef
Command line for changing the key.
Virtual ADX(config-if-e10000-1)#ipv6 ospf auth ipsec spi 310 esp sha1
no-encrypt 989898989009876554321234567890aabbccddef
Old (Inbound or
Outbound)
Shows old SPI (if changed), authentication algorithm (currently ESP only),
encryption algorithm (currently SHA1 only), and the old key.
OSPF messages
dropped
Shows the number of packets dropped because the packets failed
authentication (for any reason).
TABLE 22
Area configuration of IPsec (Continued)
This field...
Displays...
Virtual ADX# show ipv6 ospf virtual-link
Transit Area ID Router ID Interface Address State
1 14.14.14.14 2001:db8:3000:1:1:1::1 P2P
Timer intervals(sec) :
Hello 10, Hello Jitter 10, Dead 40, Retransmit 5, TransmitDelay 1
DelayedLSAck: 5 times
Authentication: Configured
KeyRolloverTime(sec): Configured: 10 Current: 0
KeyRolloverState: NotActive
Outbound: SPI:100004, ESP, SHA1
Key:1234567890123456789012345678901234567890
Inbound: SPI:100004, ESP, SHA1
Key:1234567890123456789012345678901234567890
Statistics:
Type tx rx tx-byte rx-byte
Unknown 0 0 0 0
Hello 65 65 2600 2596
DbDesc 4 4 2752 2992
LSReq 1 1 232 64
LSUpdate 11 5 1040 1112
LSAck 5 8 560 448
OSPF messages dropped,no authentication: 0
Neighbor: State: Full Address: 2001:db8:44:44:44::4 Interface: eth 2/2