From: paul Date: Sun, 12 Sep 2004 05:48:35 +0000 (+0000) Subject: 2004-09-11 Paul Jakma X-Git-Tag: frr-2.0-rc1~3574 X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=4fc7085cfa36103b491aec130346f1a632187849;p=mirror%2Ffrr.git 2004-09-11 Paul Jakma * ospfd.texi: OSPF MD5 auth requires stable time. --- diff --git a/doc/ChangeLog b/doc/ChangeLog index 97dddeceb1..243ff96c1b 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,7 @@ +2004-09-11 Paul Jakma + + * ospfd.texi: OSPF MD5 auth requires stable time. + 2004-08-31 Hasso Tepper * zebra.8: Document -s/--nl-bufsize command line switch. diff --git a/doc/ospfd.texi b/doc/ospfd.texi index 594845ca93..842dfcf402 100644 --- a/doc/ospfd.texi +++ b/doc/ospfd.texi @@ -258,7 +258,12 @@ all OSPF packets are authenticated. @var{AUTH_KEY} has length up to 8 chars. @deffnx {Interface Command} {no ip ospf message-digest-key} {} Set OSPF authentication key to a cryptographic password. The cryptographic algorithm is MD5. KEYID identifies secret key used to create the message -digest. KEY is the actual message digest key up to 16 chars. +digest. KEY is the actual message digest key up to 16 chars. Note that OSPF +MD5 authentication requires that time never go backwards, even across +resets, if ospfd is to be able to promptly reestabish adjacencies with it's +neighbours after restarts/reboots. The host should have system time be set +at boot from an external source (eg battery backed clock, NTP, etc.) if MD5 +authentication is to be expected to work reliably. @end deffn @deffn {Interface Command} {ip ospf cost <1-65535>} {}