summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/ChangeLog6
-rw-r--r--doc/bgpd.texi2
-rw-r--r--doc/ospfd.texi12
3 files changed, 16 insertions, 4 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 569f8ff3..488ea309 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,9 @@
+2006-06-26 Paul Jakma <paul.jakma@sun.com>
+
+ * ospfd.texi: Document that MD5 keyid is part of the protocol.
+ * bgpd.texi: shut texinfo warnings up by replacing brackets in
+ variable with angle brackets.
+
2006-05-23 Paul Jakma <paul.jakma@sun.com>
* bgpd.texi: Document the update-source command.
diff --git a/doc/bgpd.texi b/doc/bgpd.texi
index 8c64d78f..d82f6c37 100644
--- a/doc/bgpd.texi
+++ b/doc/bgpd.texi
@@ -277,7 +277,7 @@ This command specifies an announced route's nexthop as being equivalent
to the address of the bgp router.
@end deffn
-@deffn {BGP} {neighbor @var{peer} update-source @var{(ifname|address)}} {}
+@deffn {BGP} {neighbor @var{peer} update-source @var{<ifname|address>}} {}
@deffnx {BGP} {no neighbor @var{peer} update-source} {}
Specify the IPv4 source address to use for the @acronym{BGP} session to this
neighbour, may be specified as either an IPv4 address directly or
diff --git a/doc/ospfd.texi b/doc/ospfd.texi
index 65d4e845..ff0d78b9 100644
--- a/doc/ospfd.texi
+++ b/doc/ospfd.texi
@@ -378,14 +378,20 @@ all OSPF packets are authenticated. @var{AUTH_KEY} has length up to 8 chars.
@deffn {Interface Command} {ip ospf message-digest-key KEYID md5 KEY} {}
@deffnx {Interface Command} {no ip ospf message-digest-key} {}
Set OSPF authentication key to a cryptographic password. The cryptographic
-algorithm is MD5. KEYID identifies secret key used to create the message
-digest. KEY is the actual message digest key up to 16 chars.
+algorithm is MD5.
+
+KEYID identifies secret key used to create the message digest. This ID
+is part of the protocol and must be consistent across routers on a
+link.
+
+KEY is the actual message digest key, of up to 16 chars (larger strings
+will be truncated), and is associated with the given KEYID.
Note that OSPF MD5 authentication requires that time never go backwards
(correct time is NOT important, only that it never goes backwards), even
across resets, if ospfd is to be able to promptly reestabish adjacencies
with its neighbours after restarts/reboots. The host should have system
-time be set at boot from an external source (eg battery backed clock, NTP,
+time be set at boot from an external or non-volatile source (eg battery backed clock, NTP,
etc.) or else the system clock should be periodically saved to non-volative
storage and restored at boot if MD5 authentication is to be expected to work
reliably.