Manualshelf

User manual

ManualsBrandsAlvarion ManualsNetworkingBreezeNET B300 GigE
171172173174175176177178179180
Chapter 4 - Layer 3 Command Set - IP Networking OSPFv2 (Dynamic Routing Protocol Module)
Alvarion BreezeNET B130/B300 GigE 159 Operational User Manual
After receiving updated information about links changes, the router initiates its
link-state database synchronization with its neighbors, if it's a DR. This process
does not start right after new information receipt but after a period of time
assuming that some more data may come. This is made in order to avoid network
"storms". The time for the delay can be configured for every interface/link in
config-if mode:
transmit-delay <1-65535> [A.B.C.D]
Moreover, the router automatically updates link-state information with its
neighbors. Only obsolete information is updated which age has exceeded a
specific threshold. By default, this threshold equals 1800 seconds (half an hour)
and it can be changed using the following command in config-router mode:
refresh timer <10-1800>
The parameter is specified for the OSPF router in general.
Virtual link is a point-to-point transit network. In this network a neighboring
relationship is also established between two routers. For virtual links there are
similar parameters for neighboring relationship establishment. These parameters
are configured in config-router mode:
area (A.B.C.D|<0-4294967295>) virtual-link A.B.C.D
(hello-interval|<1-65535>
retransmit-interval|
transmit-delay|
dead-interval)
4.7.9 Authentication. Identity Check
In order to prevent an unauthorized connection of the devices to OSPF system, the
system has an identity check for protocol's packets. Currently the device has two
different options for identity check (authentication):
Password authentication. All packets sent to the network should have a
corresponding value in a 64-bit OSPF authentication header data field. The
value is a 64-bit password (not encrypted). Simple password authentication is
vulnerable for passive attacks (sniffing) because broadcasting is used and the
packet has a password in an explicit form.
Cryptographic authentication. For each OSPF packet a key is used while
generation and check of message-digest signatures which are added to the end
of OSPF packet. Digital signature is built based on MD5 algorithm. Digital
signature is based on one-way function using OSPF packet and a secret key.