Changing the timer for ospf authentication changes – Brocade Communications Systems Layer 3 Routing Configuration ICX 6650 User Manual

186

Brocade ICX 6650 Layer 3 Routing Configuration Guide

53-1002603-01

Configuring OSPF

Retransmit-interval: The time between retransmissions of link-state advertisements (LSAs) to
adjacent routers for this interface. The value can be from 0 through 3600 seconds. The default is
5 seconds.

Transit-delay: The time it takes to transmit Link State Update packets on this interface. The value
can be from 0 through 3600 seconds. The default is 1 second.

Encrypted display of the authentication string or MD5 authentication key

The optional 0 | 1 parameter with the authentication-key and md5-authentication key-id
parameters affects encryption.

For added security, devices encrypt display of the password or authentication string. Encryption is
enabled by default. The software also provides an optional parameter to disable encryption of a
password or authentication string, on an individual OSPF area or OSPF interface basis.

When encryption of the passwords or authentication strings is enabled, they are encrypted in the
CLI regardless of the access level you are using.

The encryption option can be omitted (the default) or can be one of the following:

•

0 – Disables encryption for the password or authentication string you specify with the
command. The password or string is shown as clear text in the running-config and the
startup-config file. Use this option of you do not want display of the password or string to be
encrypted.

•

1 – Assumes that the password or authentication string you enter is the encrypted form, and
decrypts the value before using it.

NOTE

If you want the software to assume that the value you enter is the clear-text form, and to encrypt
display of that form, do not enter 0 or 1. Instead, omit the encryption option and allow the software
to use the default behavior.

If you specify encryption option 1, the software assumes that you are entering the encrypted form
of the password or authentication string. In this case, the software decrypts the password or string
you enter before using the value for authentication. If you accidentally enter option 1 followed by
the clear-text version of the password or string, authentication will fail because the value used by
the software will not match the value you intended to use.

If you want to display the authentication string in the output of the show ip ospf interface
command, enter the following commands.

Brocade(config)# enable password-display

Brocade# show ip ospf interface 10.1.1.1

The enable password-display command enables display of the authentication string, but only in the
output of the show ip ospf interface command. Display of the string is still encrypted in the
startup-config file and running-config. Enter the command at the global CONFIG level of the CLI.

Changing the timer for OSPF authentication changes

When you make an OSPF authentication change, the software uses the authentication-change
timer to gracefully implement the change. The software implements the change in the following
ways: