Browse Source

[doc] Expand/cross-ref MD5 commands, tweak anchors to avoid added spacing

2006-07-28 Paul Jakma <paul.jakma@sun.com>

	* main.texi: link-detect works on Solaris too.
	* ospfd.texi: Twiddle around with anchors a bit more.
	  Clarify how setting MD5 auth by area and by interface interact,
	  and add cross-references, as well as to the required
	  command for setting key material.
Paul Jakma 14 years ago
parent
commit
c3eab60e77
3 changed files with 75 additions and 56 deletions
  1. 8 0
      doc/ChangeLog
  2. 2 2
      doc/main.texi
  3. 65 54
      doc/ospfd.texi

+ 8 - 0
doc/ChangeLog

@@ -1,3 +1,11 @@
+2006-07-28 Paul Jakma <paul.jakma@sun.com>
+
+	* main.texi: link-detect works on Solaris too.
+	* ospfd.texi: Twiddle around with anchors a bit more.
+	  Clarify how setting MD5 auth by area and by interface interact,
+	  and add cross-references, as well as to the required
+	  command for setting key material.
+
 2006-07-27 Paul Jakma <paul.jakma@sun.com>
 
 	* quagga.texi: Remove unused index definitions

+ 2 - 2
doc/main.texi

@@ -79,8 +79,8 @@ configuration.
 @deffn {Interface Command} {link-detect} {}
 @deffnx {Interface Command} {no link-detect} {}
 Enable/disable link-detect on platforms which support this. Currently 
-only linux and with certain drivers - those which properly support the 
-IFF_RUNNING flag.
+only Linux and Solaris, and only where network interface drivers support reporting
+link-state via the IFF_RUNNING flag.
 @end deffn
 
 @node Static Route Commands

+ 65 - 54
doc/ospfd.texi

@@ -11,7 +11,6 @@ convergence times.  OSPF is widely used in large networks such as
 networks.
 
 @menu
-
 * Configuring ospfd::           
 * OSPF router::                 
 * OSPF area::                   
@@ -48,15 +47,15 @@ support multiple OSPF processes.  So you can not specify an OSPF process
 number.
 @end deffn
 
-@anchor{ospf router-id}
 @deffn {OSPF Command} {ospf router-id @var{a.b.c.d}} {}
 @deffnx {OSPF Command} {no ospf router-id} {}
-This sets the router-ID of the OSPF process. The router-ID may be an IP
-address of the router, but need not be - it can be any arbitrary 32bit
-number. However it MUST be unique within the entire OSPF domain to the
-OSPF speaker - bad things will happen if multiple OSPF speakers are
-configured with the same router-ID! If one is not specified then
-@command{ospfd} will obtain a router-ID automatically from @command{zebra}.
+@anchor{ospf router-id}This sets the router-ID of the OSPF process. The
+router-ID may be an IP address of the router, but need not be - it can
+be any arbitrary 32bit number. However it MUST be unique within the
+entire OSPF domain to the OSPF speaker - bad things will happen if
+multiple OSPF speakers are configured with the same router-ID! If one
+is not specified then @command{ospfd} will obtain a router-ID
+automatically from @command{zebra}.
 @end deffn
 
 @deffn {OSPF Command} {ospf abr-type @var{type}} {}
@@ -113,18 +112,16 @@ detail argument, all changes in adjacency status are shown.  Without detail,
 only changes to full or regressions are shown.
 @end deffn
 
-@anchor{OSPF passive-interface}
 @deffn {OSPF Command} {passive-interface @var{interface}} {}
 @deffnx {OSPF Command} {no passive-interface @var{interface}} {}
-
-Do not speak OSPF interface on the given interface, but do advertise
-the interface as a stub link in the router-@acronym{LSA,Link State
-Advertisement} for this router. This allows one to advertise addresses
-on such connected interfaces without having to originate
-AS-External/Type-5 LSAs (which have global flooding scope) - as would
-occur if connected addresses were redistributed into OSPF
-(@pxref{Redistribute routes to OSPF})@. This is the only way to advertise
-non-OSPF links into stub areas.
+@anchor{OSPF passive-interface} Do not speak OSPF interface on the
+given interface, but do advertise the interface as a stub link in the
+router-@acronym{LSA,Link State Advertisement} for this router. This
+allows one to advertise addresses on such connected interfaces without
+having to originate AS-External/Type-5 LSAs (which have global flooding
+scope) - as would occur if connected addresses were redistributed into
+OSPF (@pxref{Redistribute routes to OSPF})@. This is the only way to
+advertise non-OSPF links into stub areas.
 @end deffn
 
 @deffn {OSPF Command} {timers throttle spf @var{delay} @var{initial-holdtime} @var{max-holdtime}} {}
@@ -204,11 +201,12 @@ viewed with the @ref{show ip ospf} command.
 
 @deffn {OSPF Command} {auto-cost reference-bandwidth <1-4294967>} {}
 @deffnx {OSPF Command} {no auto-cost reference-bandwidth} {}
-This sets the reference bandwidth for cost calculations, where this
-bandwidth is considered equivalent to an OSPF cost of 1, specified in
-Mbits/s. The default is 100Mbit/s (i.e. a link of bandwidth 100Mbit/s
-or higher will have a cost of 1. Cost of lower bandwidth links will be
-scaled with reference to this cost).
+@anchor{OSPF auto-cost reference-bandwidth}This sets the reference
+bandwidth for cost calculations, where this bandwidth is considered
+equivalent to an OSPF cost of 1, specified in Mbits/s. The default is
+100Mbit/s (i.e. a link of bandwidth 100Mbit/s or higher will have a
+cost of 1. Cost of lower bandwidth links will be scaled with reference
+to this cost).
 
 This configuration setting MUST be consistent across all routers within the
 OSPF domain.
@@ -289,11 +287,11 @@ network-LSA) from range 10.0.0.0/8.
 This command makes sense in ABR only.
 @end deffn
 
-@anchor{OSPF virtual-link} 
 @deffn {OSPF Command} {area @var{a.b.c.d} virtual-link @var{a.b.c.d}} {}
 @deffnx {OSPF Command} {area <0-4294967295> virtual-link @var{a.b.c.d}} {}
 @deffnx {OSPF Command} {no area @var{a.b.c.d} virtual-link @var{a.b.c.d}} {}
 @deffnx {OSPF Command} {no area <0-4294967295> virtual-link @var{a.b.c.d}} {}
+@anchor{OSPF virtual-link}
 @end deffn
 
 @deffn {OSPF Command} {area @var{a.b.c.d} shortcut} {}
@@ -387,8 +385,15 @@ area.
 
 @deffn {OSPF Command} {area @var{a.b.c.d} authentication message-digest} {}
 @deffnx {OSPF Command} {area <0-4294967295> authentication message-digest} {}
-Specify that OSPF packets should be authenticated with MD5 HMACs for the given
-area.
+
+@anchor{area authentication message-digest}Specify that OSPF packets
+must be authenticated with MD5 HMACs within the given area. Keying
+material must also be configured on a per-interface basis (@pxref{ip
+ospf message-digest-key}).
+
+MD5 authentication may also be configured on a per-interface basis
+(@pxref{ip ospf authentication message-digest}). Such per-interface
+settings will override any per-area authentication setting.
 @end deffn
 
 @node OSPF interface
@@ -400,21 +405,15 @@ Set OSPF authentication key to a simple password.  After setting @var{AUTH_KEY},
 all OSPF packets are authenticated. @var{AUTH_KEY} has length up to 8 chars.
 
 Simple text password authentication is insecure and deprecated in favour of
-MD5 HMAC authentication (@pxref{OSPF MD5 HMAC authentication}).
+MD5 HMAC authentication (@pxref{ip ospf authentication message-digest}).
 @end deffn
 
-@anchor{OSPF MD5 HMAC authentication}
-@deffn {Interface Command} {ip ospf message-digest-key KEYID md5 KEY} {}
-@deffnx {Interface Command} {no ip ospf message-digest-key} {}
-Set OSPF authentication key to a cryptographic password.  The cryptographic
-algorithm is MD5.  
-
-KEYID identifies secret key used to create the message digest. This ID
-is part of the protocol and must be consistent across routers on a
-link.
-
-KEY is the actual message digest key, of up to 16 chars (larger strings
-will be truncated), and is associated with the given KEYID.
+@deffn {Interface Command} {ip ospf authentication message-digest} {}
+@anchor{ip ospf authentication message-digest}Specify that MD5 HMAC
+authentication must be used on this interface. MD5 keying material must
+also be configured (@pxref{ip ospf message-digest-key}). Overrides any
+authentication enabled on a per-area basis (@pxref{area
+authentication message-digest}).
 
 Note that OSPF MD5 authentication requires that time never go backwards
 (correct time is NOT important, only that it never goes backwards), even
@@ -426,19 +425,32 @@ storage and restored at boot if MD5 authentication is to be expected to work
 reliably.
 @end deffn
 
+@deffn {Interface Command} {ip ospf message-digest-key KEYID md5 KEY} {}
+@deffnx {Interface Command} {no ip ospf message-digest-key} {}
+@anchor{ip ospf message-digest-key}Set OSPF authentication key to a
+cryptographic password.  The cryptographic algorithm is MD5.  
+
+KEYID identifies secret key used to create the message digest. This ID
+is part of the protocol and must be consistent across routers on a
+link.
+
+KEY is the actual message digest key, of up to 16 chars (larger strings
+will be truncated), and is associated with the given KEYID.
+@end deffn
+
 @deffn {Interface Command} {ip ospf cost <1-65535>} {}
 @deffnx {Interface Command} {no ip ospf cost} {}
 Set link cost for the specified interface.  The cost value is set to router-LSA's
 metric field and used for SPF calculation.
 @end deffn
 
-@anchor{ip ospf dead-interval minimal}
 @deffn {Interface Command} {ip ospf dead-interval <1-65535>} {}
 @deffnx {Interface Command} {ip ospf dead-interval minimal hello-multiplier <2-20>} {}
 @deffnx {Interface Command} {no ip ospf dead-interval} {}
-Set number of seconds for RouterDeadInterval timer value used for Wait Timer
-and Inactivity Timer.  This value must be the same for all routers attached
-to a common network.  The default value is 40 seconds.
+@anchor{ip ospf dead-interval minimal} Set number of seconds for
+RouterDeadInterval timer value used for Wait Timer and Inactivity
+Timer.  This value must be the same for all routers attached to a
+common network.  The default value is 40 seconds.
 
 If 'minimal' is specified instead, then the dead-interval is set to 1
 second and one must specify a hello-multiplier. The hello-multiplier
@@ -491,7 +503,6 @@ The default value is 1 seconds.
 @node Redistribute routes to OSPF
 @section Redistribute routes to OSPF
 
-@anchor{OSPF redistribute}
 @deffn {OSPF Command} {redistribute (kernel|connected|static|rip|bgp)} {}
 @deffnx {OSPF Command} {redistribute (kernel|connected|static|rip|bgp) @var{route-map}} {}
 @deffnx {OSPF Command} {redistribute (kernel|connected|static|rip|bgp) metric-type (1|2)} {}
@@ -501,10 +512,11 @@ The default value is 1 seconds.
 @deffnx {OSPF Command} {redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) metric <0-16777214>} {}
 @deffnx {OSPF Command} {redistribute (kernel|connected|static|rip|bgp) metric-type (1|2) metric <0-16777214> route-map @var{word}} {}
 @deffnx {OSPF Command} {no redistribute (kernel|connected|static|rip|bgp)} {}
-Redistribute routes of the specified protocol or kind into OSPF, with
-the metric type and metric set if specified, filtering the routes using
-the given route-map if specified. Redistributed routes may also be
-filtered with distribute-lists, see @ref{ospf distribute-list}.
+@anchor{OSPF redistribute}Redistribute routes of the specified protocol
+or kind into OSPF, with the metric type and metric set if specified,
+filtering the routes using the given route-map if specified.
+Redistributed routes may also be filtered with distribute-lists, see
+@ref{ospf distribute-list}.
 
 Redistributed routes are distributed as into OSPF as Type-5 External
 LSAs into links to areas that accept external routes, Type-7 External LSAs
@@ -530,11 +542,11 @@ type. If the 'always' keyword is given then the default is always
 advertised, even when there is no default present in the routing table.
 @end deffn
 
-@anchor{ospf distribute-list}
 @deffn {OSPF Command} {distribute-list NAME out (kernel|connected|static|rip|ospf} {}
 @deffnx {OSPF Command} {no distribute-list NAME out (kernel|connected|static|rip|ospf} {}
-Apply the access-list filter, NAME, to redistributed routes of the given type
-before allowing the routes to redistributed into OSPF (@pxref{OSPF redistribute}).
+@anchor{ospf distribute-list}Apply the access-list filter, NAME, to
+redistributed routes of the given type before allowing the routes to
+redistributed into OSPF (@pxref{OSPF redistribute}).
 @end deffn
 
 @deffn {OSPF Command} {default-metric <0-16777214>} {}
@@ -556,10 +568,9 @@ before allowing the routes to redistributed into OSPF (@pxref{OSPF redistribute}
 @node Showing OSPF information
 @section Showing OSPF information
 
-@anchor{show ip ospf}
 @deffn {Command} {show ip ospf} {}
-Show information on a variety of general OSPF and area state and configuration
-information.
+@anchor{show ip ospf}Show information on a variety of general OSPF and
+area state and configuration information.
 @end deffn
 
 @deffn {Command} {show ip ospf interface [INTERFACE]} {}