Reference Guide
OSPFv3 Commands
area authentication
Congures authentication for an OSPFv3 area.
Syntax
area area-id authentication ipsec spi number {MD5 | SHA1} key
Parameters
• area area-id — Enter an area ID as a number or IPv6 prex.
• ipsec spi number — Enter a unique security policy index (SPI) value (256 to 4294967295).
• md5 — Enable MD5 authentication.
• sha1 — Enable SHA-1 authentication.
• key — Enter the text string used in the authentication type.
Default OSPFv3 area authentication is not congured.
Command Mode ROUTER-OSPFv3
Usage Information
• Before you enable IPsec authentication for an OSPFv3 area, you must enable OSPFv3 globally on each router.
• All OSPFv3 routers in the area must share the same authentication key to exchange information. Only a non-
encrypted key is supported. For MD5 authentication, the non-encrypted key must be 32 plain hex digits. For
SHA-1 authentication, the non-encrypted key must be 40 hex digits. An encrypted key is not supported.
Example
OS10(config-router-ospfv3-100)# area 1 authentication ipsec spi 400 md5
12345678123456781234567812345678
Supported Releases 10.4.0E(R1) or later
area encryption
Congures encryption for an OSPFv3 area.
Syntax
area area-id encryption ipsec spi number esp encryption-type key
authentication-type key
Parameters
• area area-id — Enter an area ID as a number or IPv6 prex.
• ipsec spi number — Enter a unique security policy index number (256 to 4294967295).
• esp encryption-type — Enter the encryption algorithm used with ESP (3DES, DES, AES-CBC, or
NULL). For AES-CBC, only the AES-128 and AES-192 ciphers are supported.
• key — Enter the text string used in the encryption algorithm.
• authentication-type — Enter the encryption authentication algorithm to use (MD5 or SHA1).
• key — Enter the text string used in the authentication algorithm.
Default OSPFv3 area encryption is not congured.
Command Mode ROUTER-OSPFv3
Usage Information
• Before you enable IPsec encryption for an OSPFv3 area, you must enable OSPFv3 globally on each router.
386 Layer 3