Which of the following authentication methods is not used with OSPFv3? (Select the best answer.)
A.
plaintext
B.
MD5
C.
SHA1
D.
IPv6 IPSec
Explanation:
Plaintext authentication is not used with Open Shortest Path First version 3 (OSPFv3), which is also called
OSPF for IP version 6 (IPv6). OSPFv3 uses IPv6 IP Security (IPSec) authentication, which in turn uses either
Message Digest 5 (MD5) or the Secure Hash Algorithm 1 (SHA1). Although plaintext authentication is not used
by OSPFv3, you can configure OSPFv3 either to encrypt the MD5 or SHA1 hash that is used by IPv6 IPSec or
to leave the hash unencrypted. Encrypting the hash provides an extra layer of security but requires additional
processing that could introduce latency. You can issue either the ospfv3 authentication command or the ipv6
ospf authentication command to configure authentication for OSPFv3 on an interface.
MD5 and plaintext authentication are supported by OSPF version 2 (OSPFv2), which is the IPv4 version of
OSPF. By default, no authentication method is used with OSPFv2. To configure a router for MD5
authentication, you should first configure the authentication password by issuing the ip ospf authenticationkey
password command in interface configuration mode. Then you should configure MD5 authentication for an
OSPF interface by issuing the ip ospf authentication messagedigest command in interface configuration mode.
Because plaintext authentication is notoriously insecure, Cisco recommends using MD5 authentication forOSPFv2 instead of plaintext authentication.Cisco: IPv6 Routing: OSPFv3 Authentication Support with IPsec: How to Configure IPv6 Routing: OSPFv3
Authentication Support with IPsec