[j-nsp] Help with OSPF config

[Atul Kant]

Hi,

1. use simple auth or no auth to see if it works
2. then turn on MD5 auth together with traceoptions enabled under OSPF 
on Juniper and enable ip ospf debugging on the Cisco
3. it maybe useful to use wireshark or any other network analyzer to 
capture OSPF packets from Cisco and Juniper and observe the MD5 
sequence number
4. The sequence number received by each router from the other should be 
non-decreasing

you only need to do 3 and 4 if 2 does not give anything useful. You may 
have completely different issue, my suggestion is based on a similar 
issue I had in the recent past.

Thanks,
Atul.

On 19/02/2008, at 9:28 AM, Matthew Crocker wrote:

>
> I need some Juniper-Foo for my OSPF config.
>
>   I have 3 routers connected to a GigE switch.
>
> Router A is a Cisco 12000
> Router B is a Juniper J6350
> Router C is a Redback SE-400
>
> I have A&C talking OSPF and sharing routes just fine.
>
> I have A&B  & C&B complaining about what the Juniper is sending out
> and shutting it down.
>
> Router B config is
>
> # show protocols ospf
> export export-statics;
> area 0.0.0.0 {
>      authentication-type md5;
>      interface ge-0/0/0.0 {
>          authentication {
>              md5 1 key "$XXXXXXXXXXXXXXXXX"; ## SECRET-DATA
>          }
>      }
> }
>
> Router A config is
> interface GigabitEthernet4/1
>   description Link to CORE-SW-A-Fe-0-1
>   ip address 1.2.3.4 255.255.255.128
>   no ip directed-broadcast
>   ip ospf authentication message-digest
>   ip ospf authentication-key 7 XXXXXXXXXXXXXXX
>   ip ospf message-digest-key 1 md5 7 XXXXXXXXXXXXX
>   no negotiation auto
>
> router ospf 1
>   router-id 204.97.12.4
>   log-adjacency-changes
>   nsf
>   area 0 authentication message-digest
>   redistribute connected subnets
>   redistribute static subnets
>   network 1.2.3.0 0.0.0.255 area 0
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>