Yeah, it is kind of interesting. What's more interesting is the following. I think that when you define your key-chain and you put a space and the end that it doesn't really take that. What I think is happening is that when you try to apply it under the "ip rip authentication key test " with the space at the end. You'll notice that if you type that in and press ? that you can do the following "ip rip authentication key test 1 2 3 4 5 6 7 8 9 10" forever, does that mean you can call multiple key-chains? I'm not sure, so what I think may be happening is that space may be telling the router that there is another key-chain following the first one and then it cannot find the next one (cuz there isn't one) and that's why it fails.
I accept your statement about the key-chaings being locally significant, but what about key id's? I remember reading somewhere that those have to be the same such that if your using key 1 on routera, key 1 better be on routerb. Or was that eigrp? I'll have to play "lab it up" a little more. Tim Nick Shah wrote: > Tim, > > Very interesting Q. > > However, one thing, *key Chain* names are only locally significant (on the > router on which its defined). *key string* should be same for "pair" of > routers (or adjacent routers which are going to exchange updates). I have > checked it at various sources, DOC CD under IP ROUTING PROTOCOL INDEPENDENT > features, and also in RIPV2 chapter in Doyle I. Both have stated that key > chain names are only locally significant, key-strings should be the same on > both ends. > > My guess regarding the behaviour of blank space is that when you are > defining key-chain , the space doesn't form a part of the actual name, but > when you are applying it to the interface its being considered (it could > also be the other way around). > > I will lab it up tonight and give it a check. > > rgds > Nick > ----- Original Message ----- > From: Timothy Ouellette > To: ; > Sent: Saturday, June 15, 2002 1:15 PM > Subject: RIP w/ key-chains > > > Okay folks, starting off a late night studying and noticed something > > weird. Got two boxes connected like so RouterA-------RouterB > > > > Router B has a bunch of segments off of it. Something weird. Per some > > of the material I have, the key chain names are supposed to be the same > > but I've found that on routerA I can use the name "test" and router B I > > can use the name "test2" and it'll work (i.e Routes get passed properly) > > > > Router A > > > > key chain test > > key 1 > > key-string cisco > > > > ip rip authentication key test > > > > Router B > > key chain test2 > > key 1 > > key-string cisco > > > > ip rip authentication test2 > > > > But if on routerB, I change the key-chain name to "test ". (yes there is > > a space at the end) and apply the appropriate "ip rip authentication > > test " into the interface then the router spits back about it not liking > > the authentication (invalid authentication) > > > > Am I loosing my mind. "test" and "test12345" are the same but "test" > > and "test " are different? I know that in BGP, you can apply multiple > > route-maps and if you leave a space at the end, the router things there > > is another route-map your calling and therefor may not make it through. > > > > Thanks all! > > > > Tim > > _________________________________________________________________ > > Commercial lab list: http://www.groupstudy.com/list/commercial.html > > Please discuss commercial lab solutions on this list. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46673&t=46673 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
