Authentication in OSPFv3

Derek Pan DPan at advaoptical.com
Mon Mar 19 02:00:39 CET 2018


Hi Ondrej,

Got it. It's very clear. Thanks. 

Best regards,

Derek Pan
ADVA Shenzhen

-----Original Message-----
From: Ondrej Zajicek [mailto:santiago at crfreenet.org] 
Sent: Saturday, March 17, 2018 7:08 AM
To: Derek Pan <DPan at advaoptical.com>
Cc: Job Snijders <job at instituut.net>; Stuart Henderson <stu at spacehopper.org>; bird-users at network.cz; Asky Lee <ALee at advaoptical.com>
Subject: Re: Authentication in OSPFv3

On Fri, Mar 16, 2018 at 01:58:33AM +0000, Derek Pan wrote:
> Hi Job and Stuart,
> 
> Thanks for your reply. 
> 
> I know the ospfv3 authentication relies on IPsec. 
> But I'm still a little confused with the words:  
> "The default cryptographic algorithm for OSPFv2 keys is Keyed-MD5 and for OSPFv3 keys is HMAC-SHA-256."

Hi

We currently do not support authentication in OSPFv3, but we have some WiP on RFC 7166, and this note in documentation gets here from that.
So, when we will have RFC 7166, default would be HMAC-SHA-256.

--
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."



More information about the Bird-users mailing list