Brocade BigIron RX Series Configuration Guide User Manual
Page 845
BigIron RX Series Configuration Guide
767
53-1002484-04
Configuring OSPF
26
Encrypted display of the authentication string or MD5 authentication key
The Brocade implementation of OSPF authentication is based on RFC 2328. The optional 0 | 1
parameter with the authentication-key and md5-authentication key-id parameters affects
encryption.
For added security, the device encrypts display of the password or authentication string. Encryption
is enabled by default. The software also provides an optional parameter to disable encryption of a
password or authentication string, on an individual OSPF area or OSPF interface basis.
When encryption of the passwords or authentication strings is enabled, they are encrypted in the
CLI regardless of the access level you are using. The encryption option can be omitted (the default)
or can be one of the following:
•
0 – Disables encryption for the password or authentication string you specify with the
command. The password or string is shown as clear text in the running configuration and the
startup configuration file. Use this option if you do not want display of the password or string to
be encrypted.
•
1 – Assumes that the password or authentication string you enter is the encrypted form, and
decrypts the value before using it.
MD5-authentication activation wait
time
The number of seconds the device waits until placing a new MD5 key into
effect. The wait time provides a way to gracefully transition from one MD5
key to another without disturbing the network. The wait time can be from 0
– 14400 seconds. The default is 300 seconds (5 minutes).
MD5-authentication key ID and key
A method of authentication that requires you to configure a key ID and an
MD5 key. The key ID is a number from 1 – 255 and identifies the MD5 key
that is being used. The MD5 key consists of up to 16 alphanumeric
characters. The MD5 is encrypted and included in each OSPF packet
transmitted.
Passive
When you configure an OSPF interface to be passive, that interface does
not send or receive OSPF route updates. By default, all OSPF interfaces are
active and thus can send and receive OSPF route information. Since a
passive interface does not send or receive route information, the interface
is in effect a stub network. OSPF interfaces are active by default.
NOTE: This option affects all IP subnets configured on the interface. If you
want to disable OSPF updates only on some of the IP subnets on
the interface, use the ospf-ignore or ospf-passive parameter with
the ip address command. Refer to
“Assigning an IP address to an
Priority
Allows you to modify the priority of an OSPF router. The priority is used
when selecting the designated router (DR) and backup designated routers
(BDRs). The value can be from 0 – 255. The default is 1. If you set the
priority to 0, the device does not participate in DR and BDR election.
Retransmit-interval
The time between retransmissions of link-state advertisements (LSAs) to
adjacent routers for this interface. The value can be from 0 – 3600
seconds. The default is 5 seconds.
Transit-delay
The time it takes to transmit Link State Update packets on this interface.
The value can be from 0 – 3600 seconds. The default is 1 second.