您的位置:首页 > 其它

Juniper OSPF邻居验证实例讲解

2012-07-22 10:34 295 查看




OSPF邻居验证支持MD5和明文验证两种方式,下面就通过r1,r2,r3来做邻居验证。这里我们把r1和r2进行邻居md5加密

r1的配置如下: interfaces {

em1 {
unit 12 {
vlan-id 12;
family inet {
address 10.0.4.5/30;
}
}
unit 13 {
vlan-id 13;
family inet {
address 10.0.4.14/30;
}
}
}
lo0 {
unit 1 {
family inet {
address 10.0.0.1/32;
}
}
}
}
protocols {
ospf {
area 0.0.0.2 {
interface em1.12 {
authentication {
md5 123 key "$9$4oZikmfTzn/"; ## SECRET-DATA//md5认证的key-id和key一定要和对端接口的key-id和key相匹配,否则就会验证失败!
}
}
interface em1.13;
}
}
}
r2的配置如下:interfaces {
em2 {
unit 21 {
vlan-id 12;
family inet {
address 10.0.4.6/30;
}
}
unit 23 {
vlan-id 23;
family inet {
address 10.0.4.2/30;
}
}
}
lo0 {
unit 2 {
family inet {
address 10.0.0.2/32;
}
}
}
}
protocols {
ospf {
area 0.0.0.2 {
interface em2.21 {
authentication {
md5 123 key "$9$XkQ-s2oJGDHq"; ## SECRET-DATA
}
}
interface em2.23;
}
}
}
验证MD5是否成功:olive# run show ospf interface logical-system r1 em1.12 extensive
Interface State Area DR ID BDR ID Nbrs
em1.12 BDR 0.0.0.2 10.0.0.2 10.0.0.1 1
Type: LAN, Address: 10.0.4.5, Mask: 255.255.255.252, MTU: 1500, Cost: 1
DR addr: 10.0.4.6, BDR addr: 10.0.4.5, Priority: 128
Adj count: 1
Hello: 10, Dead: 40, ReXmit: 5, Not Stub
Auth type: MD5, Active key ID: 123, Start time: 1970 Jan 1 08:00:00 CST
Protection type: None
Topology default (ID 0) -> Cost: 1

[edit logical-systems r2]
olive# run show ospf interface logical-system r2 em2.21 extensive
Interface State Area DR ID BDR ID Nbrs
em2.21 DR 0.0.0.2 10.0.0.2 10.0.0.1 1
Type: LAN, Address: 10.0.4.6, Mask: 255.255.255.252, MTU: 1500, Cost: 1
DR addr: 10.0.4.6, BDR addr: 10.0.4.5, Priority: 128
Adj count: 1
Hello: 10, Dead: 40, ReXmit: 5, Not Stub
Auth type: MD5, Active key ID: 123, Start time: 1970 Jan 1 08:00:00 CST
Protection type: None
Topology default (ID 0) -> Cost: 1本文出自 “Rista” 博客,请务必保留此出处http://rista.blog.51cto.com/2526140/938231
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航