Hi,
Probably they wanted to show a typical error. Enabling MD5 authentication and
setting a clear text password...
interface Ethernet0/0
ip address 10.10.12.2 255.255.255.0
ip ospf authentication message-digest
ip ospf authentication-key cisco
ip ospf 1 area 0
end
R2(config-if)#do sh ip os int
Ethernet0/0 is up, line protocol is up
Internet Address 10.10.12.2/24, Area 0
Process ID 1, Router ID 10.10.12.2, Network Type BROADCAST, Cost: 10
Topology-MTID Cost Disabled Shutdown Topology Name
0 10 no no Base
Enabled by interface config, including secondary ip addresses
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.10.12.2, Interface address 10.10.12.2
Backup Designated router (ID) 10.10.12.1, Interface address 10.10.12.1
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:04
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 2, maximum is 2
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.10.12.1 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
Message digest authentication enabled
No key configured, using default key id 0
As you can see, MD5 is enabled and as no key has been defined, it is using the
default key id 0 aka NULL key... And if you're consistent in your mistake,
you'll have OSPF neighborship...
Regards,
Christophe
On 17 Aug 2011, at 15:53, marc abel wrote:
> Yeah, I am not sure what they were trying to show there. Even their
> own output contradicts the comment. It has to be some kind of
> mistake.
>
> On Wed, Aug 17, 2011 at 5:41 AM, Atle Ørn Hardarson
> <[email protected]> wrote:
>> But that is not the case here?
>>
>> Atle
>>
>> On Tue, Aug 16, 2011 at 7:54 PM, marc abel <[email protected]> wrote:
>>
>>> Key 0 will show up if you have specified MD5 authentication, but not
>>> actually configured a valid MD5 password. This can lead you to think
>>> you are authenticating, but likely getting 0 points.
>>>
>>> On Tue, Aug 16, 2011 at 11:36 AM, Atle Ørn Hardarson
>>> <[email protected]> wrote:
>>>> Hi guys
>>>>
>>>> Regarding Lab 3 in Workbook II:
>>>>
>>>> Task 3.2 states: "Configure MD5 authentication for the link between R7
>>> and
>>>> R8 with password cisco".
>>>>
>>>> The Solution Guide provides the correct solution, but has an additional
>>>> comment which I do not understand -
>>>>
>>>> "Verify with show ip ospf interface. Look carefully at the last few
>>> lines.
>>>> Key ID is 0, which is a null key".
>>>>
>>>> --------------------------------------------------------------------
>>>> R8# show ip ospf int
>>>> Serial0/0/0 is up, line protocol is up
>>>> Internet address 110.99.78.8/24, Area 100
>>>> Process ID 1, Router ID 110.99.8.8, Network Type POINT_TO_POINT, Cost: 64
>>>> Enabled by interface config, including secondary ip addresses
>>>> Transmit Delay is 1 sec, State POINT_TO_POINT,
>>>> Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
>>>> oob-resync timeout 40
>>>> Hello due in 00:00:02
>>>> Supports link-local signalling (LLS)
>>>> Index 1/1, flood queue length 0
>>>> Next 0x0(0) / 0x0(0)
>>>> Last flood scan length is 1, maximum is 1
>>>> Last flood scan time is 0 msec, maximum is 0 msec
>>>> Neighbor Count is 1, Adjacent neighbor count is 1
>>>> Adjacent with neighbor 110.99.7.7
>>>> Suppress hello for 0 neighbor(s)
>>>> Message digest authentication enabled
>>>> Youngest key id is 1
>>>> R8#
>>>> R8#
>>>> --------------------------------------------------------------------
>>>>
>>>> The Key ID in the output is 1, in fact, it is not possible to configure a
>>>> key ID of 0 with MD5 authentication:
>>>>
>>>> R7(config-if)#ip ospf message-digest-key ?
>>>> <1-255> Key ID
>>>>
>>>> So what is the solution guide referring to here? Is it a typo, or is my
>>> puny
>>>> brain missing something? What is a "null key" in this scenario?
>>>>
>>>> One more thing - the "Initial Config" of R9 is really the "Final Config".
>>> It
>>>> has the MLPPP with multicast routing and everything. Can you please
>>> correct
>>>> this, and update the downloadable fileset to include the correct Initial
>>>> Config for R9. Thanks...
>>>>
>>>> Atle Hardarson
>>>> _______________________________________________
>>>> For more information regarding industry leading CCIE Lab training, please
>>> visit www.ipexpert.com
>>>>
>>>> Are you a CCNP or CCIE and looking for a job? Check out
>>> www.PlatinumPlacement.com
>>>>
>>>
>> _______________________________________________
>> For more information regarding industry leading CCIE Lab training, please
>> visit www.ipexpert.com
>>
>> Are you a CCNP or CCIE and looking for a job? Check out
>> www.PlatinumPlacement.com
>>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
>
> Are you a CCNP or CCIE and looking for a job? Check out
> www.PlatinumPlacement.com
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
