2004-09-11 Paul Jakma <paul@dishone.st>

	* ospfd.texi: OSPF MD5 auth requires stable time.

diff --git a/doc/ChangeLog b/doc/ChangeLog
index 97dddeceb1f9c87543ebdd51934c25981bc7a42c..243ff96c1b2274891943db470ee20a57d59342ef 100644 (file)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,7 @@
+2004-09-11 Paul Jakma <paul@dishone.st>
+
+       * ospfd.texi: OSPF MD5 auth requires stable time.
+
 2004-08-31 Hasso Tepper <hasso at quagga.net>
 
        * zebra.8: Document -s/--nl-bufsize command line switch.

diff --git a/doc/ospfd.texi b/doc/ospfd.texi
index 594845ca93535737322d635bab55041892faaf6a..842dfcf402af397600cb75ca618f2b63258c4e64 100644 (file)
--- a/doc/ospfd.texi
+++ b/doc/ospfd.texi
@@ -258,7 +258,12 @@ all OSPF packets are authenticated. @var{AUTH_KEY} has length up to 8 chars.
 @deffnx {Interface Command} {no ip ospf message-digest-key} {}
 Set OSPF authentication key to a cryptographic password.  The cryptographic
 algorithm is MD5.  KEYID identifies secret key used to create the message
-digest.  KEY is the actual message digest key up to 16 chars.
+digest.  KEY is the actual message digest key up to 16 chars. Note that OSPF
+MD5 authentication requires that time never go backwards, even across
+resets, if ospfd is to be able to promptly reestabish adjacencies with it's
+neighbours after restarts/reboots. The host should have system time be set
+at boot from an external source (eg battery backed clock, NTP, etc.) if MD5
+authentication is to be expected to work reliably.
 @end deffn
 
 @deffn {Interface Command} {ip ospf cost <1-65535>} {}