Hi Manav, Michael, and Srini, I think if AT authentication is configured then we must not accept packets without the AT-bit set. For migration, one could migrate one link at a time. For P2P links, both routers would need to support AT. For multi-access links, I think the best way to handle backward compatibility is to recommend a migration plan where different OSPFv3 interface instance IDs are used support groups of OSPFv3 routers that do and do not support AT. Of course, the routers eligible to become DR should support an interface in each group. It is certainly more straight-forward to migrate all the routers on a give link at once.
Thanks, Acee On Jan 19, 2011, at 6:53 PM, Bhatia, Manav (Manav) wrote: > Hi Michael, > > I agree, it is! :-) > > I was just thinking of an incremental approach where not all routers have > been upgraded with the new SW. > > Cheers, Manav > >> -----Original Message----- >> From: Michael Barnes [mailto:[email protected]] >> Sent: Wednesday, January 19, 2011 11.21 PM >> To: [email protected]; Bhatia, Manav (Manav) >> Subject: Re: [OSPF] AT Bit >> >> Hi Manav, >> >> On 01/19/2011 04:05 AM, Bhatia, Manav (Manav) wrote: >>> One could argue that if the AT router has turned ON >> authentication then >>> it MUST only accept packets with the AT block, but then we >> are taking a >>> giant leap of faith where we're assuming that ALL routers will >>> simultaneously turn on the AT mechanism. >> >> Isn't it pointless to use authentication unless all of the devices >> support it? >> >> Regards, >> Michael >> > _______________________________________________ > OSPF mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ospf
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
