D. Authentication

All OSPF protocol exchanges are authenticated. The OSPF packet header (see Section A.3.1) includes an authentication type field, and 64-bits of data for use by the appropriate authentication scheme (determined by the type field).

The authentication type is configurable on a per-area basis. Additional authentication data is configurable on a per-interface basis. For example, if an area uses a simple password scheme for authentication, a separate password may be configured for each network contained in the area.

Authentication types 0 and 1 are defined by this specification. All other authentication types are reserved for definition by the IANA (iana@ISI.EDU). The current list of authentication types is described below in Table 20.

                  AuType       Description
                  ___________________________________________
                  0            No authentication
                  1            Simple password
                  All others   Reserved for assignment by the
                               IANA (iana@ISI.EDU)

                      Table 20: OSPF authentication types.

D.1 AuType 0 -- No authentication

Use of this authentication type means that routing exchanges in the area are not authenticated. The 64-bit field in the OSPF header can contain anything; it is not examined on packet reception.

D.2 AuType 1 -- Simple password

Using this authentication type, a 64-bit field is configured on a per-network basis. All packets sent on a particular network must have this configured value in their OSPF header 64-bit authentication field. This essentially serves as a "clear" 64- bit password.

This guards against routers inadvertently joining the area. They must first be configured with their attached networks' passwords before they can participate in the routing domain.