
When applying [authentication](/ospf-authentication-for-v2-and-v3) for [OSPF](/ospf), it is possible to enable authentication either globally or on a per-interface basis.  This is the case for both [OSPFv2 and OSPFv3](/ospfv2-and-ospfv3-comparison).

## Per-area configuration for OSPFv2 and OSPFv3

For OSPFv2, to configure authentication globally (on a per-area basis), you can issue the following command in OSPF router configuration mode:

```
R1(config)#router ospf 1
R1(config-router)#area 0 authentication
```

In the above example, [Area 0](/ospf-backbone-area-0) has authentication enabled.  That is, all OSPF routers that connect to the local router on Area 0 must have authentication configured.  The command is similar for global authentication configuration for OSPFv3, but requires additional parameters in order to specify the type of authentication as well as a key (password):

```
R1(config)#ipv6 router ospf 1
R1(config-rtr)#area 0 authentication
```

## Per-interface configuration for OSPFv2
Alternatively, you can enable authentication on a per interface basis for OSPFv2 like so:

```
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip ospf authentication
```

## Per-interface configuration for OSPFv3

For OSPFv3, a similar command is used, but like the global configuration, it requires additional parameters to specify the type of authentication as well as the key to be used.  An example of such a configuration is found below:

```
R1(config)#interface FastEthernet 0/0
R1(config-if)#ipv6 ospf authentication ipsec spi 256 sha1 A5DEC4DD155A695A8B983AACEAA5A97C6AECB6D1
```

## Notes

Note that for OPSFv2, for both per-area and per-interface configurations, authentication is enabled using a single command.  The parameters for that authentication are a separate command, and must always be applied to the interface.

Conversely, for OSPFv3, there is only a single command that both enables and configures authentication.  This can be placed either on the interface or configured on a per area basis.  However, if configured globally, all OSPFv3 neighbors must use the same key.



Links:

https://forum.networklessons.com/t/how-to-configure-ospf-plain-text-authentication/940/24?u=lagapidis

https://networklessons.com/ipv6/ospfv3-authentication-and-encryption

https://networklessons.com/ospf/how-to-configure-ospf-plain-text-authentication

OSPF - Enabling authentication

NHRP show ip nhrp flags

NHRP

NTP - securing with MD5 authentication and a Windows NTP server

NTP poll interval

NTP server and client and the master command

NTP troubleshooting and debugging tools

NTP versions 3 and 4

Native VLANs and untagged frames

NetFlow - Flow Samplers

NetFlow - applying to an SVI

NetFlow - what is a flow

NetFlow local cache size

NetFlow

Network - Discontiguous or Discontinuous

Network - Discontiguous

Network - Example of communication, encapsulation, and decapsulation, between hosts

Network - Flapping

Network - Layer 2 network

Network - Layer 3 network

Network - Monitoring multiple IPs of a single device with Observium

Network - Observium vs LibreNMS

Network - broadcast domain

Network - control plane

Network - data plane

Network Address Translation (NAT)

Network Collisions

Network Design - Spine and leaf architecture

Network Design - Switch oversubscription ratios

Network Design - Traffic Engineering

Network Design - on-premises and off-premises

Network Time Protocol (NTP)

Network design - confine VLANs to as few access switches as possible

Network planes

Networking - what is a socket

Networks - Overlay Network

Networks - Overlay Transport Virtualization (OTV)

Networks - Spanning Layer 2 networks across remote sites

Networks - Underlay Network

Next Generation Multicast Virtual Private Network (NG-MVPN)

Nexus - using vPC with HSRP

Nexus - what is vPC

Nexus lacp rate fast

Nexus

OSI Model

OSPF - Advertising point to multipoint networks

OSPF - Cost of summarized routes

OSPF - DR-BDR election per broadcast domain

OSPF - DR-BDR election priority of zero

OSPF - ECMP across two different areas

OSPF - HMAC-SHA Extended Authentication

OSPF - Link State Updates (LSUs)

OSPF - MPLS SuperBackbone

OSPF - NBMA neighbors listen on 224.0.0.5

OSPF - NSSA P-bit

OSPF - Propagation of routes between areas

OSPF - Stub areas and allowed LSAs

OSPF - Type1 LSA

OSPF - Update pacing timers

OSPF - default-information originate always command

OSPF - distribute-list filtering

OSPF - manual neighbor configuration

OSPF - point-to-multipoint network type

OSPF - route filtering

OSPF - route summarization

OSPF - summary-address nssa-only on an ABR

OSPF - what triggers a DR-BDR election

OSPF ABR Type 3 LSA filtering using access lists

OSPF ABR and Loop Prevention

OSPF Authentication for v2 and v3

OSPF DR BDR election and neighbor adjacencies

OSPF DR BDR election criteria

OSPF DR BDR election process

OSPF Design - When to create new instance

OSPF Determining which LSA is newer

OSPF Discontiguous Area 0

OSPF E1 E2 N1 N2 routes

OSPF Forwarding Address

OSPF Hello packets unicast and multicast

OSPF IP Unnumbered

OSPF IS-IS comparison

OSPF Incremental SPF and receipt of LSAs

OSPF LSA Recursion

OSPF LSA Sequence Numbers

OSPF LSA Types

OSPF NSSA ABR advertises default route

OSPF Not So Stubby Area NSSA

OSPF Path selection

OSPF Routing Bit

OSPF SPF Scheduling and throttling timers

OSPF TTL Security Check

OSPF Troubleshooting

OSPF Type 4 LSA

OSPF Type 5 LSA

OSPF Type 7 LSA

OSPF Why it is not suitable for use on the Internet

OSPF advertising loopback network

OSPF area inactive

OSPF area notation

OSPF area type mismatch