[c-nsp] Securing OSPFv3 on 6500/7600 Routers?

Pete Lumbis alumbis at gmail.com
Wed Jan 5 22:54:43 EST 2011


I would see the benefit more from authentication than from encryption.

My understanding is that instead of doing MD5 hashing as a function of
OSPF, OSPFv3 simply leverages the built in IPSec functionality of
IPv6. I would imagine the end goals are the same.

On Wed, Jan 5, 2011 at 10:28 PM, Dobbins, Roland <rdobbins at arbor.net> wrote:
>
> On Jan 6, 2011, at 10:19 AM, Devon True wrote:
>
>> Does not work on the 6500/7600 unfortunately, but worked beautifully in my GNS3 lab.
>
> And encrypting one's IGP updates via IPSEC contributes materially to one's network security posture in what specific way(s)?
>
> ------------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
> Most software today is very much like an Egyptian pyramid, with millions
> of bricks piled on top of each other, with no structural integrity, but
> just done by brute force and thousands of slaves.
>
>                          -- Alan Kay
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



More information about the cisco-nsp mailing list