Manualshelf

Command Line Reference Guide

ManualsBrandsDell ManualsserversDell C7004/C150 Aggregation Core chassis Switch
1081108210831084108510861087108810891090
Open Shortest Path First (OSPFv2 and OSPFv3) | 1081
Command Modes
INTERFACE
Command
History
Usage
Information
Before you enable IPsec authentication on an OSPFv3 interface, you must first enable IPv6 unicast
routing globally, configure an IPv6 address and enable OSPFv3 on the interface, and assign the
interface to an area.
An SPI value must be unique to one IPsec security policy (authentication or encryption) on the router.
You must configure the same authentication policy (same SPI and key) on each OSPFv3 interface in a
link.
To remove an IPsec authentication policy from an interface, enter the no ipv6 ospf authentication
spi number command. To remove null authentication on an interface to allow the interface to inherit
the authentication policy configured for the OSPFv3 area, enter the no ipv6 ospf authentication
null command.
Related
Commands
ipv6 ospf encryption
e
t
Configure an IPsec encryption policy for OSPFv3 packets on an IPv6 interface.
Syntax
ipv6 ospf encryption {null | ipsec spi number esp encryption-algorithm
[key-encryption-type] key authentication-algorithm [key-encryption-type] key}
Parameters
Version 8.4.2.0 Introduced
area authentication Configure an IPsec authentication policy for an OSPFv3 area.
show crypto ipsec policy
D
isplay the configuration of IPsec authentication policies.
show crypto ipsec sa ipv6
D
isplay the security associations set up for OSPFv3 interfaces
in authentication policies.
null
Causes an encryption policy configured for the area to not be inherited on the
interface.
ipsec spi number
Security Policy index (SPI) value that identifies an IPsec security policy.
Range: 256 to 4294967295.
esp
encryption-algorithm
Encryption algorithm used with ESP.
Valid values are: 3DES, DES, AES-CBC, and NULL.
For AES-CBC, only the AES-128 and AES-192 ciphers are supported.
key-encryption-type
(OPTIONAL) Specifies if the key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in encryption.
The required lengths of a non-encrypted or encrypted key are:
3DES - 48 or 96 hex digits; DES - 16 or 32 hex digits; AES-CBC -
32 or 64 hex digits for AES-128 and 48 or 96 hex digits for AES-192.
authentication-algorith
m
Specifies the authentication algorithm to use for encryption.
Valid values are
MD5 or SHA1.