Implementing OSPF on Cisco IOS XR Software
Information About Implementing OSPF on Cisco IOS XR Software
Cisco IOS XR Routing Configuration Guide
Note: MD5 authentication supports multiple keys, requiring that a key number be associated with a key.
Authentication Strategies
Authentication can be specified for an entire process or area, or on an interface or a virtual link. An
interface or virtual link can be configured for only one type of authentication, not both. Authentication
configured for an interface or virtual link overrides authentication configured for the area or process.
If you intend for all interfaces in an area to use the same type of authentication, use the area
authentication command (and specify the message-digest keyword if you want the entire area to use
MD5 authentication). This strategy requires fewer commands than specifying authentication for each
interface.
Key Rollover
To support the changing of a plain text key or MD5 key in an operational network without disrupting
OSPF adjacencies (and hence the topology), a key rollover mechanism is supported. As a network
administrator configures the new key into the multiple networking devices that communicate, there is
a period during which some devices are using the new key and others are still using the old key. If
an interface is configured with a new key, the software sends two copies of the same packet, one
authenticated by the old key and one by the new key. The software tracks which devices start using
the new key, and the software stops sending duplicate packets after it detects that all of its
neighbors are using the new key. The software then discards the old key. The network administrator
must then remove the old key from the configuration file of each router.
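The rollover behavior described above can be modeled in a few lines. This is an added example, not Cisco IOS XR code: the Interface class, the router names, the key values, and the keyed-MD5 digest (written in the style of RFC 2328 Appendix D) are assumptions made for illustration.

```python
import hashlib
import hmac

def sign(packet: bytes, key_id: int, secret: bytes):
    # Keyed MD5: digest over the packet followed by the key padded to 16 bytes.
    mac = hashlib.md5(packet + secret.ljust(16, b"\0")).digest()
    return key_id, packet, mac

class Interface:
    """Toy model of one interface's authentication keys (assumed, not IOS XR code)."""
    def __init__(self, key_id, secret, neighbors):
        self.keys = {key_id: secret}
        self.newest = key_id              # most recently configured key id
        self.neighbors = set(neighbors)
        self.on_new = set(neighbors)      # neighbors already seen using the newest key

    def add_key(self, key_id, secret):
        self.keys[key_id] = secret        # rollover starts
        self.newest = key_id
        self.on_new = set()

    def send(self, packet):
        """One copy per key; the old key is discarded once every neighbor uses the newest."""
        if self.on_new == self.neighbors:
            self.keys = {self.newest: self.keys[self.newest]}
        return [sign(packet, kid, sec) for kid, sec in self.keys.items()]

    def receive(self, neighbor, msg):
        key_id, packet, mac = msg
        secret = self.keys.get(key_id)
        if secret is None or not hmac.compare_digest(mac, sign(packet, key_id, secret)[2]):
            return False                  # unknown key id or bad digest: drop the packet
        if key_id == self.newest:
            self.on_new.add(neighbor)
        return True

def rollover_demo():
    r1 = Interface(1, b"old-secret", {"r2", "r3"})      # constructed sample keys and names
    r2 = Interface(1, b"old-secret", {"r1"})
    r1.add_key(2, b"new-secret")
    during = r1.send(b"hello")                          # two copies: key 1 and key 2
    r2_accepts = [r2.receive("r1", m) for m in during]  # r2 only knows key 1 so far
    r2.add_key(2, b"new-secret")
    for m in r2.send(b"hello"):
        r1.receive("r2", m)
    still_dual = len(r1.send(b"hello"))                 # r3 has not moved yet
    r1.receive("r3", sign(b"hello", 2, b"new-secret"))
    after = r1.send(b"hello")                           # old key discarded
    stale_ok = r1.receive("r2", sign(b"hello", 1, b"old-secret"))
    return len(during), r2_accepts, still_dual, [m[0] for m in after], stale_ok
```

The model shows why the adjacency survives the transition: a neighbor that has not yet been reconfigured still accepts the old-key copy, and packets signed with the old key are rejected only after every neighbor has been seen using the new one.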
Neighbors and Adjacency for OSPF
Routers that share a segment (Layer 2 link between two interfaces) become neighbors on that segment.
OSPF uses the hello protocol as a neighbor discovery and keepalive mechanism. The hello protocol
involves receiving and periodically sending hello packets out each interface. The hello packets list all
known OSPF neighbors on the interface. Routers become neighbors when they see themselves listed in
the hello packet of the neighbor. After two routers are neighbors, they may proceed to exchange and
synchronize their databases, which creates an adjacency. On broadcast and NBMA networks all
neighboring routers have an adjacency.
Designated Router (DR) for OSPF
On point-to-point and point-to-multipoint networks, the Cisco IOS XR software floods routing updates
to immediate neighbors. No DR or backup DR (BDR) exists; all routing information is flooded to each
router.
On broadcast or NBMA segments only, OSPF minimizes the amount of information being exchanged on
a segment by choosing one router to be a DR and one router to be a BDR. Thus, the routers on the
segment have a central point of contact for information exchange. Instead of each router exchanging
routing updates with every other router on the segment, each router exchanges information with the DR
and BDR. The DR and BDR relay the information to the other routers. On broadcast network segments
the number of OSPF packets is further reduced by the DR and BDR sending such OSPF updates to a
multicast IP address that all OSPF routers on the network segment are listening on.