From 4fc7085cfa36103b491aec130346f1a632187849 Mon Sep 17 00:00:00 2001
From: paul <paul>
Date: Sun, 12 Sep 2004 05:48:35 +0000
Subject: 2004-09-11 Paul Jakma <paul@dishone.st>

	* ospfd.texi: OSPF MD5 auth requires stable time.
---
 doc/ChangeLog  | 4 ++++
 doc/ospfd.texi | 7 ++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

(limited to 'doc')

diff --git a/doc/ChangeLog b/doc/ChangeLog
index 97dddece..243ff96c 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,7 @@
+2004-09-11 Paul Jakma <paul@dishone.st>
+
+	* ospfd.texi: OSPF MD5 auth requires stable time.
+
 2004-08-31 Hasso Tepper <hasso at quagga.net>
 
 	* zebra.8: Document -s/--nl-bufsize command line switch.
diff --git a/doc/ospfd.texi b/doc/ospfd.texi
index 594845ca..842dfcf4 100644
--- a/doc/ospfd.texi
+++ b/doc/ospfd.texi
@@ -258,7 +258,12 @@ all OSPF packets are authenticated. @var{AUTH_KEY} has length up to 8 chars.
 @deffnx {Interface Command} {no ip ospf message-digest-key} {}
 Set OSPF authentication key to a cryptographic password.  The cryptographic
 algorithm is MD5.  KEYID identifies secret key used to create the message
-digest.  KEY is the actual message digest key up to 16 chars.
+digest.  KEY is the actual message digest key up to 16 chars. Note that OSPF
+MD5 authentication requires that time never go backwards, even across
+resets, if ospfd is to be able to promptly reestabish adjacencies with it's
+neighbours after restarts/reboots. The host should have system time be set
+at boot from an external source (eg battery backed clock, NTP, etc.) if MD5
+authentication is to be expected to work reliably.
 @end deffn
 
 @deffn {Interface Command} {ip ospf cost <1-65535>} {}
-- 
cgit v1.2.1