[quagga-dev 10527] RFC-6506(Supporting Authentication Trailer for OSPFv3) implementation in quagga-0.99.21 version

Lokesh Pareta lokesh.pareta at tcs.com
Thu May 9 06:41:58 BST 2013


Hi All,

Tata Consultancy Services (TCS) wants to contribute to Quagga development 
by providing the implementation code for RFC-6506, developed and tested on 
quagga-0.99.21 version. 

Abstract of the RFC-6506:
Currently, OSPF for IPv6 (OSPFv3) uses IPsec as the only mechanism for 
authenticating protocol packets.
This behavior is different from authentication mechanisms present in other 
routing protocols (OSPFv2, Intermediate System to Intermediate System 
(IS-IS), RIP, and Routing Information Protocol Next Generation (RIPng)). 
In some environments, it has been found that IPsec is difficult to 
configure and maintain and thus cannot be used. 
RFC-6506 defines an alternative mechanism to authenticate OSPFv3 protocol 
packets so that OSPFv3 does not only depend upon IPsec for authentication.

Steps to test/run the developed patch file on quagga-0.99.21 :
As per RFC, implementation is done by TCS in order to provide 
authentication support on both interface and area.
Commands to be used are as follows:
For an interface(under interface <i/f name>)-
                ipv6 ospf6 sha-256-authentication [command to set AT-bit 
on interface]
                ipv6 ospf6 sha-256-key <key-id> sha-256 <password> 
[command to attach key-id and password to the packets]
For an area (under router ospf6)-
                area <area-id> sha-256-authentication [command to set 
AT-bit on area]
In order to authenticate OSPFv3 packets, please provide combination of 
both AT bit  on an interface/area and key-id with sha-256 password.

Please find following attachment:
Patch file of RFC-6506 implementation



Kindly revert in case of any queries or doubts and suggestions are also 
welcome.

Thanks & Regards,
Lokesh Pareta

Telecom Technology - NextGen R&D,
Tata Consultancy Services
TCS Towers, 249 D&E Udyog Vihar,
Phase IV, Gurgaon
Haryana, India
Cell:- +91 8506946082
Mailto: lokesh.pareta at tcs.com
Website: http://www.tcs.com

___________________________________________
Experience certainty.   IT Services
                        Business Solutions
                        Outsourcing
___________________________________________
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20130509/82689cc9/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rfc-6506.patch
Type: application/octet-stream
Size: 63342 bytes
Desc: not available
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20130509/82689cc9/attachment-0001.obj>


More information about the Quagga-dev mailing list