[c-nsp] OSPFv3 authentication
Mack McBride
mack.mcbride at viawest.com
Mon Aug 29 12:51:37 EDT 2011
True, especially since most people do not run CLNS with peers.
Mack
-----Original Message-----
From: Mark Tinka [mailto:mtinka at globaltransit.net]
Sent: Monday, August 29, 2011 10:49 AM
To: Mack McBride
Cc: cisco-nsp at puck.nether.net; Jon Lewis
Subject: Re: [c-nsp] OSPFv3 authentication
On Friday, August 26, 2011 02:56:15 AM Mack McBride wrote:
> OSPFv3 uses primarily local multicast and link local addresses for
> communications which are not routable.
> This significantly reduces the exposure to attack.
> Blocking OSPF and other IGP protocols at your border is still a good
> idea (even for v4).
Agree, but IS-IS's nature makes this particular case of security even simpler :-).
Cheers,
Mark.
More information about the cisco-nsp
mailing list