【Networking】Configuring OSPF authentication between interfaces

We will configure authentication between R3 and R4 in the topology below.

(Topology diagram: R3 GigabitEthernet0/0 at 10.1.3.3/24 and R4 GigabitEthernet0/0 at 10.1.3.2/24 on the same Area 0 segment)
【Logs before configuration】

R3(config)#do sh ip ospf interface gigabitEthernet 0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
Internet Address 10.1.3.3/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 10.1.23.3, Network Type BROADCAST, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.1.23.3, Interface address 10.1.3.3
Backup Designated router (ID) 10.1.3.2, Interface address 10.1.3.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:02
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 4
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.3.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)

R4(config)#do sh ip ospf interface gigabitEthernet 0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
Internet Address 10.1.3.2/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 10.1.3.2, Network Type BROADCAST, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 10.1.23.3, Interface address 10.1.3.3
Backup Designated router (ID) 10.1.3.2, Interface address 10.1.3.2
Flush timer for old DR LSA due in 00:02:52
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:08
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/2/3, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.23.3 (Designated Router)
Suppress hello for 0 neighbor(s)

【Configuration: simple password version】

※ Because this is an OSPF setting it is tempting to configure it in (config-router)# mode, but it is configured under (config-if)#, on the interface itself.

R3(config)#interface gigabitEthernet 0/0
R3(config-if)#ip ospf authentication
R3(config-if)#ip ospf authentication-key 123

R4(config)#interface gigabitEthernet 0/0
R4(config-if)#ip ospf authentication
R4(config-if)#ip ospf authentication-key 123

【Configuration: MD5 version】

R3(config-if)#ip ospf authentication message-digest
R3(config-if)#ip ospf message-digest-key 1 md5 123

R4(config-if)#ip ospf authentication message-digest
R4(config-if)#ip ospf message-digest-key 1 md5 123

【Logs after configuration: simple password version】

R3(config)#do sh ip ospf interface gigabitEthernet 0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
Internet Address 10.1.3.3/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 10.1.23.3, Network Type BROADCAST, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.1.23.3, Interface address 10.1.3.3
Backup Designated router (ID) 10.1.3.2, Interface address 10.1.3.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:04
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 4
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.3.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
Simple password authentication enabled

R4(config)#do sh ip ospf interface gigabitEthernet 0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
Internet Address 10.1.3.2/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 10.1.3.2, Network Type BROADCAST, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 10.1.23.3, Interface address 10.1.3.3
Backup Designated router (ID) 10.1.3.2, Interface address 10.1.3.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:02
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/2/3, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.23.3 (Designated Router)
Suppress hello for 0 neighbor(s)
Simple password authentication enabled

【Logs after configuration: MD5 version】

R3(config)#do sh ip ospf interface gigabitEthernet 0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
Internet Address 10.1.3.3/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 10.1.23.3, Network Type BROADCAST, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.1.23.3, Interface address 10.1.3.3
Backup Designated router (ID) 10.1.3.2, Interface address 10.1.3.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:02
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1/1, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 4
Last flood scan time is 0 msec, maximum is 1 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.3.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
Cryptographic authentication enabled
Youngest key id is 1

R4(config)#do sh ip ospf interface gigabitEthernet 0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
Internet Address 10.1.3.2/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 10.1.3.2, Network Type BROADCAST, Cost: 1
Topology-MTID Cost Disabled Shutdown Topology Name
0 1 no no Base
Transmit Delay is 1 sec, State BDR, Priority 1
Designated Router (ID) 10.1.23.3, Interface address 10.1.3.3
Backup Designated router (ID) 10.1.3.2, Interface address 10.1.3.2
Flush timer for old DR LSA due in 00:00:09
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:08
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/2/3, flood queue length 0
Next 0x0(0)/0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 2
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.1.23.3 (Designated Router)
Suppress hello for 0 neighbor(s)
Cryptographic authentication enabled
Youngest key id is 1

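As an added example (not part of the original post), a small Python audit helper that parses the "show ip ospf interface" output shown above, flags interfaces that still have no authentication or only simple-password authentication, and checks that both ends of a link agree on mode and key id. The sample outputs are constructed, trimmed copies of the logs above; the key string itself never appears in show output, so a mismatched password cannot be detected this way.

```python
import re

# Constructed, trimmed copies of the "show ip ospf interface" output shown
# above (not captured from the lab itself), used as sample input.
R3_BEFORE = """GigabitEthernet0/0 is up, line protocol is up (connected)
Internet Address 10.1.3.3/24, Area 0, Attached via Network Statement
Process ID 1, Router ID 10.1.23.3, Network Type BROADCAST, Cost: 1
"""
R3_SIMPLE = R3_BEFORE + "Simple password authentication enabled\n"
R3_MD5 = R3_BEFORE + "Cryptographic authentication enabled\nYoungest key id is 1\n"


def parse_ospf_interface(output):
    """Extract interface, address, area and authentication mode from one
    'show ip ospf interface' block; mode is 'none', 'simple' or 'md5'."""
    info = {"interface": None, "address": None, "area": None,
            "auth": "none", "key_id": None}
    m = re.match(r"(\S+) is \S+, line protocol is", output)
    if m:
        info["interface"] = m.group(1)
    m = re.search(r"Internet Address ([^,\s]+), Area ([^,\s]+)", output)
    if m:
        info["address"], info["area"] = m.group(1), m.group(2)
    if "Cryptographic authentication enabled" in output:
        info["auth"] = "md5"
        k = re.search(r"Youngest key id is (\d+)", output)
        info["key_id"] = int(k.group(1)) if k else None
    elif "Simple password authentication enabled" in output:
        info["auth"] = "simple"
    return info


def audit(router, output):
    """Findings for one interface: no authentication, or simple-password
    authentication (the key is carried in clear text in every OSPF packet)."""
    i = parse_ospf_interface(output)
    if i["auth"] == "none":
        return [f"{router} {i['interface']}: no OSPF authentication configured"]
    if i["auth"] == "simple":
        return [f"{router} {i['interface']}: simple password authentication (clear-text key)"]
    return []


def link_consistent(out_a, out_b):
    """True when both ends use the same mode and, for MD5, the same key id.
    A mismatch makes each side ignore the other's Hellos, which ends in the
    'Dead timer expired' adjacency drop seen in the failure log below."""
    a, b = parse_ospf_interface(out_a), parse_ospf_interface(out_b)
    return a["auth"] == b["auth"] and a["key_id"] == b["key_id"]
```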
The log output on authentication success and on failure is as follows.

Success

*Jul 30 03:36:51.734: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.23.3 on GigabitEthernet0/0 from LOADING to FULL, Loading Done

Failure

*Jul 30 03:44:28.739: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.23.3 on GigabitEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired

(Hello packets whose authentication information does not match are ignored by the router on the other side. Because no valid Hello packet was received before the Dead time elapsed, the neighbor relationship was torn down.)