
[OSPF](/ospf) used to only support plain text and MD5 authentication but since IOS 15.4(1)T, OSPF also supports HMAC-SHA (Hash Message Authentication Code Secure Hash Algorithm).  In addition, OSPF now uses key chains like [RIP](/rip) and [EIGRP](/eigrp).

However, the configuration process for IOS-XR has changed:

First, you need to define the key-chain:

```vbnet
key chain R1
 key 1
  key-string R1_Password
  cryptographic-algorithm hmac-sha-256
 commit
```

Then, you need to apply this key-chain to the OSPF area:

```kotlin
router ospf 1
 area 0
  authentication keychain R1
  interface GigabitEthernet0/0/0/2
 commit
```

This `authentication` command can be applied at the interface or the `router ospf` configuration mode. 

## Links

https://forum.networklessons.com/t/ospf-hmac-sha-extended-authentication/1940/12?u=lagapides

https://networklessons.com/cisco/ccie-routing-switching-written/ospf-hmac-sha-extended-authentication

https://www.cisco.com/c/en/us/td/docs/ios_xr_sw/iosxr_r3-7/routing/command/reference/rr37ospf.html#wp998765

https://networklessons.com/cisco/ccie-routing-switching-written/how-to-configure-ospf-plain-text-authentication

https://networklessons.com/cisco/ccie-routing-switching-written/how-to-configure-ospf-md5-authentication

OSPF - HMAC-SHA Extended Authentication

Network - Transient traffic

Network - Two Way Active Measurement Protocol (TWAMP)

Network - broadcast domain

Network - control plane

Network - data plane

Network Address Translation (NAT)

Network Collisions

Network Design - Choosing a technology for multiple datacenter topology

Network Design - Load Balancing vs Load Sharing

Network Design - Spine and leaf architecture

Network Design - Switch oversubscription ratios

Network Design - Traffic Engineering

Network Design - on-premises and off-premises

Network Design Achieving Redundancy with PE Devices

Network Design Considerations Involving PE and P Routers

Network Time Protocol (NTP)

Network design - confine VLANs to as few access switches as possible

Network planes

Networking - Understanding Chassis devices

Networking - what is a socket

Networks - Overlay Network

Networks - Overlay Transport Virtualization (OTV)

Networks - Spanning Layer 2 networks across remote sites

Networks - Underlay Network

Next Generation Multicast Virtual Private Network (NG-MVPN)

Next Hop

Nexus - using vPC with HSRP

Nexus - what is vPC

Nexus lacp rate fast

Nexus

OSI Model

OSPF - A comparison with IS-IS

OSPF - ABR has at least one interface in Area 0

OSPF - ASBR E-bit in an LSA

OSPF - Adjacencies in a Multi-Access network segment

OSPF - Adjacency Between NBMA and P2MP Non-Broadcast Networks

OSPF - Advertising point to multipoint networks

OSPF - Area Border Router (ABR)

OSPF - Autonomous System Boundary Router (ASBR)

OSPF - BDR is elected before DR

OSPF - Cost of summarized routes

OSPF - DR-BDR election per broadcast domain

OSPF - DR-BDR election priority of zero

OSPF - Database Example

OSPF - Default route advertisement next hop IP

OSPF - Down (DN) Bit

OSPF - ECMP across two different areas

OSPF - ECMP to destination in Area 0

OSPF - Enabling authentication

OSPF - Identifying the router type

OSPF - LSA Max Age

OSPF - LSA Refresh Time

OSPF - LSA checksum

OSPF - Link ID and ADV Router in the OSPF database

OSPF - Link ID in the OSPF database

OSPF - Link State Updates (LSUs)

OSPF - MPLS SuperBackbone

OSPF - NBMA neighbors listen on 224.0.0.5

OSPF - NSSA P-bit

OSPF - NSSA no automatic default route

OSPF - Neighbor states

OSPF - Neighbor vs Adjacency

OSPF - OSPFv3 authentication

OSPF - Propagation of routes between areas

OSPF - Stub areas and allowed LSAs

OSPF - Stuck in ATTEMPT neighbor state

OSPF - Stuck in ExStart or Exchange states

OSPF - Type 5 LSA filtering on an ASBR

OSPF - Type1 LSA

OSPF - Update pacing timers

OSPF - capablity vrf-lite

OSPF - control plane vs data plane loops

OSPF - default-information originate always command

OSPF - distance command

OSPF - distribute-list filtering

OSPF - manual neighbor configuration

OSPF - network type mismatch

OSPF - non-zero Forwarding Address example

OSPF - point-to-multipoint network type

OSPF - route summarization

OSPF - summary-address nssa-only on an ABR

OSPF - what triggers a DR-BDR election

OSPF ABR Type 3 LSA filtering using access lists

OSPF ABR and Loop Prevention

OSPF Authentication for v2 and v3

OSPF BDR to DR Transition Time

OSPF DR BDR election and neighbor adjacencies

OSPF DR BDR election criteria

OSPF DR BDR election process

OSPF Database Exchange Process Master Slave Election

OSPF Design - When to create new instance

OSPF Determining which LSA is newer

OSPF Discontiguous Area 0

OSPF Do Not Age (DNA) Flag

OSPF E1 E2 N1 N2 routes

OSPF Forwarding Address

OSPF Hello packets unicast and multicast

OSPF IP Unnumbered

OSPF IS-IS comparison