Configuring OSPF Interface Authentication

Procedure

1. Run system-view

   The system view is displayed.

2. Run interface interface-type interface-number

   The interface view is displayed.

3. Run dcn (interface view) or dcn mode vlan

   DCN is enabled on the interface or sub-interface 4094.

4. Run any of the following commands:

   • To configure simple authentication, run the dcn ospf authentication-mode simple [ [ plain ] plain-text | cipher cipher-text ] command.

     

     • The new password is at least eight characters long and contains at least two of the following types: upper-case letters, lower-case letters, digits, and special characters, except the question mark (?) and space.

     • For security purposes, you are advised to configure a password in ciphertext mode. To further improve device security, periodically change the password.

   • To configure Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) authentication, run the dcn ospf authentication-mode { { md5 | hmac-md5 | hmac-sha256 } [ key-id { plain plain-text | [ cipher ] cipher-text } ] } command.

     

     For the sake of security, using the HMAC-SHA256 algorithm rather than the MD5 and HMAC-MD5 algorithm is recommended.

   • To configure null authentication, run the dcn ospf authentication-mode null command. In null authentication mode, OSPF packets are not authenticated.

   OSPF interfaces on the same network segment must have the same authentication mode and password.

   By default, area authentication is not configured for OSPF. Configuring area authentication is recommended to ensure system security.

5. Run commit

   The configuration is committed.