Configuring Keychain for OSPFv3 virtual link

Key chains are sequences of keys (shared secrets). Users can configure key chains and can use keys with features that secure communications with other devices by using key-based authentication and optionally perform periodic key rotations within the chain. For OSPFv3 the new authentication feature can be applied on an interface and a virtual link.

Procedure

Configuring OSPFv3 Authentication feature:

  1. Enter global configuration mode. 
    device# configure terminal
  2. Enter the router ospf command to enter OSPF router configuration mode and enable OSPFv3 on the device.
  3. Enter the area command to assign an OSPFv3 area ID. 
    device(config-ipv6-router-ospf)# area 0
  4. Enter the area command to assign an OSPFv3 area ID. 
    device(config-ipv6-router-ospf)# area 1
  5. Enter the interface command and the ID of the OSPFv3 device at the remote end of the virtual link to configure the virtual link endpoint.
    Configuring OSPFv3 Authentication feature under Interface:
    device(config)# interface ethernet 1/1
device(config)# enable
device(config-ipv6-router-ospf)# ipv6 ospf authentication key-chain keychain2
device(config-ipv6-router-ospf)# ipv6 address 20.20::54/64 
device(config-ipv6-router-ospf)# gig-default neg-off
  6. Enter the area virtual-link command and the ID of the OSPFv3 device at the remote end of the virtual link to configure the virtual link endpoint. 
    device(config-ipv6-router-ospf)# area 1 virtual-link 3.3.3.3
device(config-ipv6-router-ospf)# area 1 virtual-link 3.3.3.3 authentication key-chain keychain1
9037139-00 Rev AA