Hi Job and Stuart, Thanks for your reply.
I know the ospfv3 authentication relies on IPsec. But I'm still a little confused with the words: "The default cryptographic algorithm for OSPFv2 keys is Keyed-MD5 and for OSPFv3 keys is HMAC-SHA-256." I found such words in BIRD 2.0.0 User's Guide section 6.7.2: authentication cryptographic An authentication code is appended to every packet. The specific cryptographic algorithm is selected by option algorithm for each key. The default cryptographic algorithm for OSPFv2 keys is Keyed-MD5 and for OSPFv3 keys is HMAC-SHA-256. Passwords are not sent open via network, so this mechanism is quite secure. Packets can still be read by an attacker. maybe the document should be updated to make clear. Thanks. Best regards, Derek Pan -----Original Message----- From: Job Snijders [mailto:[email protected]] Sent: Thursday, March 15, 2018 6:54 PM To: Stuart Henderson <[email protected]> Cc: Derek Pan <[email protected]>; [email protected]; Asky Lee <[email protected]> Subject: Re: Authentication in OSPFv3 On Thu, Mar 15, 2018 at 10:45:09AM +0000, Stuart Henderson wrote: > On 2018/03/15 08:45, Derek Pan wrote: > > when I create a ospfv3 instance with authentication info, and I get > > the output: “Authentication not supported in OSPFv3” > > > > do you have a plan to support it or not ? > > It's not BIRD. OSPFv3 doesn't support authentication. Indeed, please review: http://packetlife.net/blog/2008/sep/3/ospfv3-authentication/ Kind regards, Job
