[c-nsp] OSPFv3 authentication

Mack McBride mack.mcbride at viawest.com
Thu Aug 25 14:56:15 EDT 2011


OSPFv3 uses primarily local multicast and link local addresses for communications which are not routable.
This significantly reduces the exposure to attack.
Blocking OSPF and other IGP protocols at your border is still a good idea (even for v4).

Mack

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Mark Tinka
Sent: Thursday, August 25, 2011 10:21 AM
To: cisco-nsp at puck.nether.net
Cc: Jon Lewis
Subject: Re: [c-nsp] OSPFv3 authentication

On Thursday, August 25, 2011 09:16:03 PM Jon Lewis wrote:
 
> you get different lists of supported platforms, but both are pretty 
> small and lack any of the gear I'm interested in.  Is everyone 
> using/moving to ISIS?...or just doing
> OSPFv3 without authentication?

IS-IS here with HMAC MD5 authentication, supporting both v4 and v6 with Multi Topologies.

Mark.



More information about the cisco-nsp mailing list