Which of the following authentication methods is not used with OSPFv3? (Select the best answer.)
- IPv6 IPSec
Plaintext authentication is not used with Open Shortest Path First version 3 (OSPFv3), which is also called OSPF for IP version 6 (IPv6). OSPFv3 uses IPv6 IP Security (IPSec) authentication, which in turn uses either Message Digest 5 (MD5) or the Secure Hash Algorithm 1 (SHA1). Although plaintext authentication is not used by OSPFv3, you can configure OSPFv3 either to encrypt the MD5 or SHA1 hash that is used by IPv6 IPSec or to leave the hash unencrypted. Encrypting the hash provides an extra layer of security but requires additional processing that could introduce latency. You can issue either the ospfv3 authentication command or the ipv6 ospf authentication command to configure authentication for OSPFv3 on an interface.
MD5 and plaintext authentication are supported by OSPF version 2 (OSPFv2), which is the IPv4 version of OSPF. By default, no authentication method is used with OSPFv2. To configure a router for MD5 authentication, you should first configure the authentication password by issuing the ip ospf authenticationkey password command in interface configuration mode. Then you should configure MD5 authentication for an OSPF interface by issuing the ip ospf authentication messagedigest command in interface configuration mode. Because plaintext authentication is notoriously insecure, Cisco recommends using MD5 authentication for OSPFv2 instead of plaintext authentication.