From: John Neiberger (neiby@xxxxxxxxxx)
Date: Wed Oct 24 2001 - 11:35:33 GMT-3
Ah, I see I was wrong. I also just checked one of our 2600s running 12.2
and it had it. When I checked earlier I was looking at a 2500 running
11.2(18). When I looked for that at home I must have looked on the router
that was still running 11.2. I'm sure if I'd look at the 12.1 routers I
would have seen it.
Thanks,
John
On Wed, 24 Oct 2001 09:30:50 -0500, Richard Foltz wrote:
| I've got multiple 2500s here at my home lab running 12.0(14) and they all
| can do 'clear ip ospf process'.
|
| r2504#clear ip ospf proc
| Reset ALL OSPF processes? [no]: yes
| r2504#
|
| Richard Foltz, CCNP-Voice, CCDP, MCSE+I, Network+, A+
| RTP 11/2
|
| ----- Original Message -----
| From: "John Neiberger" <neiby@excite.com>
| To: "Richard Foltz" <ccie2b@rfoltz.com>
| Cc: <ccielab@groupstudy.com>
| Sent: Wednesday, October 24, 2001 9:18 AM
| Subject: Re: Resolved, was OSPF Virtual Link Authentication [7:23867]
|
|
| > What IOS version has that command? I've never seen anything other than
| > "clear ip ospf redistribution". That would certainly fix the problem.
In
| a
| > lot of cases simply shutting down the interface for a bit and then
| > restarting it clears things up. With the authentication issue, though,
it
| > never seemed to work.
| >
| > BTW, I just checked. Clear ip ospf process is not available on a 2500
or
| > 2600 but it is available on our 7513. I've never noticed that since we
| > don't run OSPF at work.
| >
| > Thanks,
| > John
| >
| > On Tue, 23 Oct 2001 23:29:03 -0500, Richard Foltz wrote:
| >
| > | might wanna try a 'clear ip ospf process' instead of rebooting all
the
| > time.
| > |
| > | Richard Foltz, CCNP-Voice, CCDP, MCSE+I, Network+, A+
| > | 3rd Attemp @ RTP 11/2-3
| > |
| > | ----- Original Message -----
| > | From: "John Neiberger" <neiby@excite.com>
| > | To: <cisco@groupstudy.com>
| > | Cc: <ccielab@groupstudy.com>
| > | Sent: Tuesday, October 23, 2001 11:07 PM
| > | Subject: Resolved, was OSPF Virtual Link Authentication [7:23867]
| > |
| > |
| > | > Well...sort of resolved. After upgrading more of my routers to
| > 12.1(10) I
| > | > rebuilt my lab and attempted the ospf lab again. This time it
still
| > would
| > | > not work, but instead of getting a Mismatched Authentication Key
| error
| > | > during debugging I was getting a Mismatched Authentication Type.
It
| > | claimed
| > | > that one end was using Type 0 and the other was Type 1. I don't
| really
| > | know
| > | > what that means so I tinkered for a while.
| > | >
| > | > I tried many different combinations to no avail and eventually put
| > | > everything back the way I honestly thought it should be. Still
| > nothing.
| > | > So, I rebooted...and guess what...it came up just fine.
| > | >
| > | > This really irritates me. Why would I need to reboot? It seems
like
| I
| > do
| > | a
| > | > lot of rebooting when playing with ospf! :-) Maybe that's just
me,
| > | though.
| > | >
| > | > Anyway, here is what the final working config looks like (and it's
| > exactly
| > | > what I *thought* should have worked in the first place):
| > | >
| > | > R4 is in Area 0 and Area 1. R5 connects to R4 and has interfaces
in
| > area
| > | 5.
| > | >
| > | > R4 ospf config:
| > | >
| > | > router ospf 1
| > | > log-adjacency-changes
| > | > area 0 authentication
| > | > area 1 virtual-link 212.1.22.1 authentication-key cisco
| > | > network 200.100.100.17 0.0.0.0 area 4
| > | > network 212.1.22.33 0.0.0.0 area 1
| > | > network 212.1.22.84 0.0.0.0 area 0
| > | >
| > | > R5 ospf config:
| > | >
| > | > router ospf 1
| > | > network 212.1.22.34 0.0.0.0 area 1
| > | > network 20.1.1.1 0.0.0.0 area 5
| > | > network 20.1.2.1 0.0.0.0 area 5
| > | > network 20.1.3.1 0.0.0.0 area 5
| > | > area 0 authentication
| > | > area 1 virtual-link 200.100.100.17 authentication-key cisco
| > | > area 5 range 20.1.0.0 255.255.0.0
| > | >
| > | > Very simple, very straightforward, and dang it, it should have
worked
| > two
| > | > days ago! Oh well. Perhaps I was overlooking something and
tonight's
| > | > configs are *exactly* the same as I had them two days ago.
| > | >
| > | > Thanks to everyone for their help and suggestions!
| > | >
| > | > John
| > | >
| > | >
| > | > On Tue, 23 Oct 2001 21:40:50 -0400, Ryan Ngai Hon Kong wrote:
| > | >
| > | > | Don't you think fixing up the router-id in this scenario is
| > | > | better to ensure consistent virtual link and since
| > | > | you keep rebooting the router?
| > | > |
| > | > | Just an opinion. :)
| > | > | Regards,
| > | > | Ryan
| > | > |
| > | > | -----Original Message-----
| > | > | From: John Neiberger [mailto:john.neiberger@efirstbank.com]
| > | > | Sent: Tuesday, October 23, 2001 10:06 PM
| > | > | To: cisco@groupstudy.com
| > | > | Subject: RE: OSPF Virtual Link Authentication [7:23867]
| > | > |
| > | > |
| > | > | Thanks. I was configuring it as you suggest. I played around
| with
| > | this
| > | > | more last night and I never got it to work. It's frustrating
| > because
| > | it
| > | > | seems so simple, yet I must be missing something that's right
| under
| > my
| > | > | nose.
| > | > |
| > | > | I had some problems with lab equipment last night that I
finally
| > | > | resolved. So, tonight I'll rebuild everything from scratch and
| see
| > if
| > | I
| > | > | can make it work.
| > | > |
| > | > | John
| > | > |
| > | > | >>> "Frank B" 10/23/01 1:10:15 AM >>>
| > | > | Not sure if you received any possible issues other than the
| > whitespace.
| > | > | But
| > | > | another common error...there are NO interface commands required
| for
| > | > | the
| > | > | interfaces into the transit area. The authentication commands
are
| > | > | placed at
| > | > | the end of the area x virtual-link command under the ospf
process.
| > | > | For
| > | > | instance:
| > | > |
| > | > |
| > | > | Ra-----area0-----Rb-----area1-----Rc-----area2------Rd
| > | > |
| > | > | If area0 requires authentication, the only commands required to
| > | > | authenticate
| > | > | on the virtual-link transiting area1 are:
| > | > |
| > | > | Rc#
| > | > | router ospf 1
| > | > | area 1 virtual-link [Rb rtr id] authenticatio-key cisco
| > | > | area 0 authentication
| > | > |
| > | > | AND of course the same commands on the ospf process of Rb also.
| > This
| > | > | example was plain text but the "question mark" will help get
you
| the
| > | > | md5
| > | > | commands. The way I remember it...this virtual link IS my
| interface
| > | > | into
| > | > | the backbone so I ONLY need to configure there.
| > | > |
| > | > | Hope this helps, aloha, Frank
| > | > |
| > | > | -----Original Message-----
| > | > | From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On
| Behalf
| > Of
| > | > | John Neiberger
| > | > | Sent: Sunday, October 21, 2001 6:54 PM
| > | > | To: ccielab@groupstudy.com
| > | > | Subject: OSPF Virtual Link Authentication
| > | > |
| > | > |
| > | > | I was working on Fatkid 401 OSPF lab tonight and I could never
get
| > the
| > | > | virtual link authentication to work correctly. No matter what
I
| > did,
| > | > | I
| > | > | would get errors stating I had a mismatched authentication key.
| > Well,
| > | > | the
| > | > | key was "cisco" so that's not too hard to type in correctly.
| Still,
| > I
| > | > | played with the configs on the two relevant routers and I
rebooted
| > | > | them
| > | > | several times, all to no avail.
| > | > |
| > | > | I even changed the authentication type to md5 and got the same
| > | > | message.
| > | > | Very weird. I thought at one point this was an IOS issue
because
| one
| > | > | router
| > | > | was running 11.2(7) and the other 11.2(25a). I upgraded the
first
| > one
| > | > | to
| > | > | 11.2(25a) and I still see the same error.
| > | > |
| > | > | I peeked at the solution and saw that I had it configured
exactly
| > how
| > | > | they
| > | > | suggested. Then I checked CCO and saw that they suggest the
same
| > | > | configuration.
| > | > |
| > | > | Do any of you have any tips for configuring virtual link
| > | > | authentication?
| > | > | This seems to be a pretty simple config and I don't see what
I'm
| > | > | missing.
| > | > |
| > | > | Thanks,
| > | > | John
| > | > |
| > | > |
| > | > |
| > | > |
| > | > |
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 22:33:24 GMT-3