ExtremeXOS allows OSPFv3 to use Internet Protocol Security (IPsec) to provide authentication for OSPFv3 packets and ensure security in the transmission of OSPFv3 packets between IPsec-enabled routers.
IPsec is a framework for ensuring secure private communication over IP networks and is based on standards developed by the International Engineering Task Force (IETF). IPsec provides security services at the network layer of the Open Systems Interconnection (OSI) model by enabling a system to select required security protocols, determine the algorithms to use for the security services, and implement any cryptographic keys required to provide the requested services. IPsec can be used to protect one or more paths between a pair of hosts, between a pair of security gateways (such as switches), or between a security gateway and a host.
ExtremeSwitching X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, 5520 series switches.
configure ospfv3 [{vlan} vlan-name | {tunnel} tunnel-name] authentication [none | keychain keychain-name | ipsec spi spi esp-auth-algorithm algorithm key [key-string | encrypted encrypted-key-string]
configure ospfv3 virtual-link {routerid} router-identifier {area} area-identifier authentication [none | keychain keychain-name | ipsec spi spi esp-auth-algorithm algorithm key [key-string | encrypted encrypted-key-string]
The output of the following Show commands includes IPsec Authentication information.
show ospfv3 interfaces {vlan vlan_name | tunnel tunnel_name | area area_identifier | detail}
show ospfv3 virtual-link {{routerid} router_identifier {area} area_identifier}