Dell PowerSwitch S4112F-ON OS10 Enterprise Edition User Guide Release 10.4.0ER - Page 390
ipv6 ospf dead-interval, ipv6 ospf encryption
View all Dell PowerSwitch S4112F-ON manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 390 highlights
Example OS10(config)# interface vlan 10 OS10(conf-if-vl-10)# ipv6 ospf cost 10 Supported Releases 10.3.0E or later ipv6 ospf dead-interval Sets the time interval since the last hello-packet was received from a router. After the interval elapses, the neighboring routers declare the router dead. Syntax ipv6 ospf dead-interval seconds Parameters seconds - Enter the dead interval value in seconds (1 to 65535). Default 40 seconds Command Mode INTERFACE Usage Information The dead interval is four times the default hello-interval by default. The no version of this command removes the IPv6 OSPF dead-interval configuration. Example OS10(config)# interface vlan 10 OS10(conf-if-vl-10)# ipv6 ospf dead-interval 10 Supported Releases 10.3.0E or later ipv6 ospf encryption Configures OSPFv3 encryption on an IPv6 interface. Syntax ipv6 ospf encryption {ipsec spi number esp encryption-type key authenticationtype key | null} Parameters • ipsec spi number - Enter a unique security policy index number (256 to 4294967295). • esp encryption-type - Enter the encryption algorithm used with ESP (3DES, DES, AES-CBC, or NULL). For AES-CBC, only the AES-128 and AES-192 ciphers are supported. • key - Enter the text string used in the encryption algorithm. • authentication-type - Enter the encryption authentication algorithm to use (MD5 or SHA1). • key - Enter the text string used in the authentication algorithm. • null - Enter the keyword to not use the IPsec encryption. Default Command Mode Usage Information IPv6 OSPF encryption is not configured on an interface. INTERFACE • Before you enable IPsec authentication on an OSPFv3 interface, you must enable IPv6 unicast routing globally, configure an IPv6 address and enable OSPFv3 on the interface, and assign it to an area. • When you configure encryption on an interface, both IPsec encryption and authentication are enabled. You cannot configure encryption if you have already configured an interface for IPsec authentication (ipv6 ospf authentication ipsec). To configure encryption, you must first delete the authentication policy. • All neighboring OSPFv3 routers must share the same encryption key to decrypt information. Only a nonencrypted key is supported. Required lengths of the non-encrypted key are: 3DES - 48 hex digits; DES - 16 hex digits; AES-CBC - 32 hex digits for AES-128 and 48 hex digits for AES-192. • All neighboring OSPFv3 routers must share the same authentication key to exchange information. Only a nonencrypted key is supported. For MD5 authentication, the non-encrypted key must be 32 plain hex digits. For SHA-1 authentication, the non-encrypted key must be 40 hex digits. An encrypted key is not supported. 390 Layer 3