C
ONFIGURING
THE
S
WITCH
3-318
- Routes are subsequently assigned a metric equal to the sum of all
metrics for each interface link in the route.
• Authentication Type – Specifies the authentication type used for an
interface. (Options: None, Simple password, MD5; Default: None)
- Use authentication to prevent routers from inadvertently joining an
unauthorized area. Configure routers in the same area with the same
password or key.
- When using simple password authentication, a password is included
in the packet. If it does not match the password configured on the
receiving router, the packet is discarded. This method provides very
little security as it is possible to learn the authentication key by
snooping on routing protocol packets.
- When using Message-Digest 5 (MD5) authentication, the router uses
the MD5 algorithm to verify data integrity by creating a 128-bit
message digest from the authentication key. Without the proper key
and key-id, it is nearly impossible to produce any message that
matches the prespecified target message digest.
- The Authentication Key and Message Digest Key-id must be used
consistently throughout the autonomous system. (Note that the
Message Digest Key-id field is disabled when this authentication type
is selected.)
• Authentication Key – Assign a plain-text password used by neighboring
routers to verify the authenticity of routing protocol messages.
(Range: 1-8 characters for simple password or 1-16 characters for MD5
authentication; Default: no key)
- You can assign a unique password to each network (i.e., autonomous
system) to improve the security of the routing database. However, the
password must be used consistently on all neighboring routers
throughout a network.
• Message Digest Key-id – Assigns a key-id used in conjunction with the
authentication key to verify the authenticity of routing protocol messages
sent to neighboring routers. (Range: 1-255; Default: none)
- Normally, only one key is used per interface to generate
authentication information for outbound packets and to authenticate