OSPF MD5 Authentication

  • 1
  • Question
  • Updated 8 months ago
Following the online documentation for 3.2.1, which I'm using, trying to set up OSPF MD5 Authentication.  However, on my switch, running 3.2.1, from (config)# in vtysh, 'ip ospf authentication...' is not available.  

When I try to it NCLU, I don't see any MD5 / or Authentication options anywhere....is there something that I'm missing, some daemon that needs to be enabled?
Photo of Troy MacDonald

Troy MacDonald

  • 720 Points 500 badge 2x thumb

Posted 11 months ago

  • 1
Photo of Erik Auerswald

Erik Auerswald

  • 270 Points 250 badge 2x thumb
Hi Troy,

"traditionally" OSPF authentication parameters are configured under the interface, not in global configuration mode. That seems to be the case for Quagga as well, see http://www.nongnu.org/quagga/docs/docs-multi/OSPF-Configuration-Examples.html.

The Cumulus documentation at https://docs.cumulusnetworks.com/display/DOCS/Open+Shortest+Path+First+-+OSPF+-+Protocol might be wrong regarding how to configure OSPF MD5 authentication.

Photo of Donald Sharp

Donald Sharp, Employee

  • 182 Points 100 badge 2x thumb
Troy -

You are correct, the cumulus documentation appears to incorrectly tell you that you do not need to be in interface sub mode.  I'll get the documentation updated
Photo of Pete B

Pete B, Official Rep

  • 2,774 Points 2k badge 2x thumb
A little late to the party, but as of Cumulus Linux 3.3.0, you can use NCLU to configure MD5 auth for OSPF. And Erik is correct that it's to be done at the interface level. I'll work on updating the docs now.

`net add interface <interface> ospf message-digest-key <1-255> md5 <text>`