Authentication and Encryption
One breadth in which OSPFv3 is simpler than OSPFv2, at the agreement operation level, is that it uses
IPv6’s built-in affidavit abutment rather than implementing its own affidavit mechanisms.
OSPFv3 uses Affidavit Header (AH), alpha with Cisco IOS Release 12.3(4)T, and
Encapsulating Aegis Payload (ESP) protocols for authentication, alpha with Cisco IOS
Release 12.4(9)T. Both of these appearance crave a Crypto affection set in the router.
To accredit IPv6 OSPF affidavit application AH, affair the command ipv6 ospf authentication. To
enable encryption application ESP, affair the command ipv6 ospf encryption. These are interface
configuration commands. Note that ESP provides both encryption and authentication. Additionally note
that because AH and ESP are allotment of the IPsec protocol, you charge additionally configure IPsec security
policies to use them. The agreement capacity of IPsec are alfresco the ambit of this book, but you
can acquisition accompanying advice on Cisco.com at http://www.cisco.com/en/US/products/sw/iosswrel/
ps5187/products_configuration_guide_chapter09186a0080573b9c.html.
Here are three key things to apperceive about OSPFv3 affidavit and encryption:
■ OSPFv3 can use AH for authentication.
■ OSPFv3 can use ESP for affidavit and encryption.
■ OSPFv3 affidavit and encryption can be activated per breadth or per articulation (interface); per-link
configuration is added defended because it creates added layers of security.