Hello,
I am working on configuring OSPFv3 (ospf6d) in our networks. In ospfd,
we use
ip ospf message-digest-key ...
for authentication. There is a specification for a somewhat similar
mechanism for OSPFv3 in RFC7166 (Authentication Trailers,
https://tools.ietf.org/html/rfc7166), but this seems not to be
implemented in quagga AFAICT (quagga-1.0.20160315).
So what do other people use to authenticate OSPFv3 routers - are you
really using IPsec? I am at a loss at how to configure that (on Linux).
While I probably could achieve authentication header for the unicast
communication using setkey with static keys, I have absolutely no clue
how to do that for the multicast packets.
Any help appreciated.
Regards
Matthias Ferdinand
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users
I am working on configuring OSPFv3 (ospf6d) in our networks. In ospfd,
we use
ip ospf message-digest-key ...
for authentication. There is a specification for a somewhat similar
mechanism for OSPFv3 in RFC7166 (Authentication Trailers,
https://tools.ietf.org/html/rfc7166), but this seems not to be
implemented in quagga AFAICT (quagga-1.0.20160315).
So what do other people use to authenticate OSPFv3 routers - are you
really using IPsec? I am at a loss at how to configure that (on Linux).
While I probably could achieve authentication header for the unicast
communication using setkey with static keys, I have absolutely no clue
how to do that for the multicast packets.
Any help appreciated.
Regards
Matthias Ferdinand
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-users