Whether are compatible Cisco IOS and BIRD at usage OSPF MD5 ofauthentification?

Владислав Гришин Vladislav.Grishin at vts24.ru
Tue Jul 13 14:57:27 CEST 2010


Debug output of cisco 3550 after I insert command 'ip ospf lls disable'.

...
interface Vlan550
 ip address 10.10.1.3 255.255.255.128
 ip ospf authentication
 ip ospf message-digest-key 1 md5 7 15220D080E26292F2E6760
 ip ospf priority 5
 ip ospf lls disable
...

10.10.1.1 and 10.10.1.2 is IPs of bird.

3550-L3-S1#debug ip ospf events
OSPF events debugging is on
3550-20a-L3-S1#debug ip ospf hello
OSPF hello events debugging is on
3550-20a-L3-S1#
*Mar 16 02:45:55.637: OSPF: Send hello to 224.0.0.5 area 0 on Vlan550 from
10.10.1.3
*Mar 16 02:45:55.637: OSPF: Rcv pkt from 10.10.1.2, Vlan550 : Mismatch
Authentication type. Input packet specified type 2, we use type 1
*Mar 16 02:45:56.593: OSPF: end of Wait on interface Vlan550
*Mar 16 02:45:56.593: OSPF: DR/BDR election on Vlan550
*Mar 16 02:45:56.593: OSPF: Elect BDR 10.10.1.3
*Mar 16 02:45:56.593: OSPF: Elect DR 10.10.1.3
*Mar 16 02:45:56.593: OSPF: Elect BDR 0.0.0.0
*Mar 16 02:45:56.593: OSPF: Elect DR 10.10.1.3
*Mar 16 02:45:56.593:        DR: 10.10.1.3 (Id)   BDR: none
*Mar 16 02:45:57.093: OSPF: No full nbrs to build Net Lsa for interface
Vlan550
*Mar 16 02:45:58.049: OSPF: Rcv pkt from 10.10.1.1, Vlan550 : Mismatch
Authentication type. Input packet specified type 0, we use type 1
*Mar 16 02:46:04.821: OSPF: Rcv pkt from 10.10.1.2, Vlan550 : Mismatch
Authentication type. Input packet specified type 2, we use type 1
*Mar 16 02:46:05.261: OSPF: Send hello to 224.0.0.5 area 0 on Vlan550 from
10.10.1.3
*Mar 16 02:46:08.525: OSPF: Rcv pkt from 10.10.1.1, Vlan550 : Mismatch
Authentication type. Input packet specified type 0, we use type 1
*Mar 16 02:46:14.537: OSPF: Send hello to 224.0.0.5 area 0 on Vlan550 from
10.10.1.3
*Mar 16 02:46:15.537: OSPF: Rcv pkt from 10.10.1.2, Vlan550 : Mismatch
Authentication type. Input packet specified type 2, we use type 1
*Mar 16 02:46:18.201: OSPF: Rcv pkt from 10.10.1.1, Vlan550 : Mismatch
Authentication type. Input packet specified type 0, we use type 1
*Mar 16 02:46:23.745: OSPF: Send hello to 224.0.0.5 area 0 on Vlan550 from
10.10.1.3
3550-20a-L3-S1#

"Specified type 2" is result of bird command 'authentication cryptographic'.
"Specified type 0" is result of bird command 'authentication none'.


[root at border-t2 ~]# tail -f /var/log/messages
May 15 16:55:03 border-t2 bird: OSPF: Bad packet from 10.10.1.3 -
authentification failed
May 15 16:55:05 border-t2 bird: OSPF: Bad packet from 10.10.1.1 -
authentification failed
May 15 16:55:13 border-t2 bird: OSPF: Bad packet from 10.10.1.3 -
authentification failed
May 15 16:55:15 border-t2 bird: OSPF: Bad packet from 10.10.1.1 -
authentification failed
May 15 16:55:22 border-t2 bird: OSPF: Bad packet from 10.10.1.3 -
authentification failed


-----Original Message-----
From: owner-bird-users at atrey.karlin.mff.cuni.cz
[mailto:owner-bird-users at atrey.karlin.mff.cuni.cz] On Behalf Of Ondrej
Zajicek
Sent: Tuesday, July 13, 2010 4:22 PM
To: Vitaliy Kolodinsky
Cc: ????????? ??????; bird-users at trubka.network.cz
Subject: Re: Whether are compatible Cisco IOS and BIRD at usage OSPF MD5
ofauthentification?

On Tue, Jul 13, 2010 at 01:48:44PM +0300, Vitaliy Kolodinsky wrote:
> > Cisco1 with cisco2 have installed the neighbourhood with each other. 
> > Bird1 and bird2 have installed the neighbourhood with each other, but
Cisco?
> > bird? not.
> 
> > Give examples of configs if exist.
> 
> > Vladislav Grishin
> 
> You can use a patch to enable bird to work correctly with LLS packages
> or you can disable the LLS at the interfaces cisco
> ip ospf lls disable

I think that the problem with LLS is fixed in BIRD version 1.2.2 .

-- 
Elen sila lumenn' omentielvo

Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."




More information about the Bird-users mailing list