Configuring keychain for OSPFv2 virtual link

Key chains are sequences of keys (shared secrets). Users can configure key chains and can use keys with features that secure communications with other devices by using key-based authentication and optionally perform periodic key rotations within the chain. For OSPFv2 the new authentication feature can be applied on an interface and a virtual link.

Procedure

Configuring OSPFv2 Authentication feature:

  1. Enter global configuration mode. 
    device# configure terminal
  2. Enter the router ospf command to enter OSPF router configuration mode and enable OSPFv2 on the device.
  3. Enter the area command to assign an OSPFv2 area ID. 
    device(config-router-ospf)# area 0
  4. Enter the area command to assign a second OSPFv2 area ID. 
    device(config-router-ospf)# area 1
  5. Enter the interface command and the ID of the OSPFv2 device at the remote end of the virtual link to configure the virtual link endpoint.
    Configuring OSPFv2 Authentication feature under Interface:
    device(config)# interface ethernet 1/1
device(config)# enable
device(config)# ip ospf authentication key-chain keychain2
device(config)# ip address 53.54.43.54/24
device(config)# geg-default neg-off
  6. Enter the area virtual-link command and the ID of the OSPFv2 device at the remote end of the virtual link to configure the virtual link endpoint. 
    device(config-router-ospf)# area 1 virtual-link 3.3.3.3
device(config-router-ospf)# area 1 virtual-link 3.3.3.3 authentication key-chain keychain1
9037139-00 Rev AA