CLI Guide
3DES - 48 or 96 hex digits; DES - 16 or 32 hex digits; AES-
CBC -32 or 64 hex digits for AES-128 and 48 or 96 hex
digits for AES-192.
authentication-
algorithm
Specifies the authentication algorithm to use for encryption.
Valid values are MD5 or SHA1.
key-encryption-
type
(OPTIONAL) Specifies if the authentication key is encrypted.
Valid values: 0 (key is not encrypted) or 7 (key is encrypted).
key
Text string used in authentication.
For MD5 authentication, the key must be 32 hex digits (non-
encrypted) or 64 hex digits (encrypted).
For SHA-1 authentication, the key must be 40 hex digits
(non-encrypted) or 80 hex digits (encrypted).
Defaults Not configured.
Command Modes INTERFACE
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
9.2(0.0) Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information
Before you enable IPsec encryption on an OSPFv3 interface, first enable IPv6
unicast routing globally, configure an IPv6 address and enable OSPFv3 on the
interface, and assign the interface to an area.
An SPI value must be unique to one IPsec security policy (authentication or
encryption) on the router. Configure the same encryption policy (same SPI and key)
on each OSPFv3 interface in a link.
ipv6 ospf graceful-restart helper-reject
Configure an OSPFv3 interface to not act upon the Grace LSAs that it receives from a restarting OSPFv3
neighbor.
Syntax
ipv6 ospf graceful-restart helper-reject
Open Shortest Path First (OSPFv2 and OSPFv3)
1131