diff options
-rw-r--r-- | doc/ChangeLog | 5 | ||||
-rw-r--r-- | doc/ospfd.texi | 16 |
2 files changed, 15 insertions, 6 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog index 625b2a74..7d1211c7 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2004-10-11 Paul Jakma <paul@dishone.st> + + * ospfd.texi: reformat the ospf md5 paragraph, add an additional + way to work around bad clocks. + 2004-10-03 Hasso Tepper <hasso at quagga.net> * vtysh.1: Update vtysh man page to reflect changes in shell. Remove diff --git a/doc/ospfd.texi b/doc/ospfd.texi index 842dfcf4..aa66ce15 100644 --- a/doc/ospfd.texi +++ b/doc/ospfd.texi @@ -258,12 +258,16 @@ all OSPF packets are authenticated. @var{AUTH_KEY} has length up to 8 chars. @deffnx {Interface Command} {no ip ospf message-digest-key} {} Set OSPF authentication key to a cryptographic password. The cryptographic algorithm is MD5. KEYID identifies secret key used to create the message -digest. KEY is the actual message digest key up to 16 chars. Note that OSPF -MD5 authentication requires that time never go backwards, even across -resets, if ospfd is to be able to promptly reestabish adjacencies with it's -neighbours after restarts/reboots. The host should have system time be set -at boot from an external source (eg battery backed clock, NTP, etc.) if MD5 -authentication is to be expected to work reliably. +digest. KEY is the actual message digest key up to 16 chars. + +Note that OSPF MD5 authentication requires that time never go backwards +(correct time is not important, only that it never goes backwards), even +across resets, if ospfd is to be able to promptly reestabish adjacencies +with its neighbours after restarts/reboots. The host should have system +time be set at boot from an external source (eg battery backed clock, NTP, +etc.) or else the system clock should be periodically saved to non-volative +storage and restored at boot if MD5 authentication is to be expected to work +reliably. @end deffn @deffn {Interface Command} {ip ospf cost <1-65535>} {} |