Re: RIP w/ key-chains

From: Nick Shah (nshah@xxxxxxxxxxxxxx)
Date: Sat Jun 15 2002 - 01:05:14 GMT-3

• Next message: Timothy Ouellette: "Re: RIP w/ key-chains"
• Previous message: Timothy Ouellette: "RIP w/ key-chains"
• Maybe in reply to: Timothy Ouellette: "RIP w/ key-chains"
• Next in thread: Timothy Ouellette: "Re: RIP w/ key-chains"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Tim,

Very interesting Q.

However, one thing, *key Chain* names are only locally significant (on the
router on which its defined). *key string* should be same for "pair" of
routers (or adjacent routers which are going to exchange updates). I have
checked it at various sources, DOC CD under IP ROUTING PROTOCOL INDEPENDENT
features, and also in RIPV2 chapter in Doyle I. Both have stated that key
chain names are only locally significant, key-strings should be the same on
both ends.

My guess regarding the behaviour of blank space is that when you are
defining key-chain , the space doesn't form a part of the actual name, but
when you are applying it to the interface its being considered (it could
also be the other way around).

I will lab it up tonight and give it a check.

rgds
Nick
----- Original Message -----
From: Timothy Ouellette <timoue@cogeco.ca>
To: <cisco@groupstudy.com>; <ccielab@groupstudy.com>
Sent: Saturday, June 15, 2002 1:15 PM
Subject: RIP w/ key-chains

> Okay folks, starting off a late night studying and noticed something
> weird. Got two boxes connected like so RouterA-------RouterB
>
> Router B has a bunch of segments off of it. Something weird. Per some
> of the material I have, the key chain names are supposed to be the same
> but I've found that on routerA I can use the name "test" and router B I
> can use the name "test2" and it'll work (i.e Routes get passed properly)
>
> Router A
>
> key chain test
> key 1
> key-string cisco
>
> ip rip authentication key test
>
> Router B
> key chain test2
> key 1
> key-string cisco
>
> ip rip authentication test2
>
> But if on routerB, I change the key-chain name to "test ". (yes there is
> a space at the end) and apply the appropriate "ip rip authentication
> test " into the interface then the router spits back about it not liking
> the authentication (invalid authentication)
>
> Am I loosing my mind. "test" and "test12345" are the same but "test"
> and "test " are different? I know that in BGP, you can apply multiple
> route-maps and if you leave a space at the end, the router things there
> is another route-map your calling and therefor may not make it through.
>
> Thanks all!
>
> Tim

• Next message: Timothy Ouellette: "Re: RIP w/ key-chains"
• Previous message: Timothy Ouellette: "RIP w/ key-chains"
• Maybe in reply to: Timothy Ouellette: "RIP w/ key-chains"
• Next in thread: Timothy Ouellette: "Re: RIP w/ key-chains"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:33 GMT-3