Deployment Guide

To remove null authentication on an interface to allow the interface to inherit the authentication policy congured
for the OSPFv3 area, use the no ipv6 ospf encryption null command.
Parameters
null Causes an encryption policy congured for the area to not be inherited on the interface.
ipsec spi number Security Policy index (SPI) value that identies an IPsec security policy. The range is from
256 to 4294967295.
esp encryption-
algorithm
Encryption algorithm used with ESP.
Valid values are: 3DES, DES, AES-CBC, and NULL.
For AES-CBC, only the AES-128 and AES-192 ciphers are supported.
key-encryption-
type
(OPTIONAL) Species if the key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
The required lengths of a non-encrypted or encrypted key are:
3DES - 48 or 96 hex digits; DES - 16 or 32 hex digits; AES-CBC -32 or 64 hex digits for
AES-128 and 48 or 96 hex digits for AES-192.
authentication-
algorithm
Species the authentication algorithm to use for encryption. Valid values are MD5 or
SHA1.
key-encryption-
type
(OPTIONAL) Species if the authentication key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
For MD5 authentication, the key must be 32 hex digits (non-encrypted) or 64 hex digits
(encrypted).
For SHA-1 authentication, the key must be 40 hex digits (non-encrypted) or 80 hex digits
(encrypted).
Defaults Not congured.
Command Modes INTERFACE
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information
Before you enable IPsec encryption on an OSPFv3 interface, rst enable IPv6 unicast routing globally, congure an
IPv6 address and enable OSPFv3 on the interface, and assign the interface to an area.
972 Open Shortest Path First (OSPFv2 and OSPFv3)