Hi Tony, 1. I've never actually found it necessary to set key chain start times, as the defaults seem to be "forever." This is true both in labs I've done an in production. If someone knows a real rationale for manually setting the start time to Jan 1 1993 or whatever, I'm interested to hear it.
2. Assuming sufficient time has passed for any no-longer-authenticated route updates to age out (or a clear ip route *), then a ping script hitting interfaces all over the network would test whether your routing updates have successfully continued to be sent and received. On Thu, Oct 18, 2012 at 5:49 AM, Tony Singh <[email protected]> wrote: > Hi > > Just looking at Joe's video solution...... > > 1. when we initiate clear text or md5 authentication on an interface, do we > need to stipulate send/accept lifetime as default seems to already accept > it, I would think not as long as the "show key chain" shows it as valid > now..? right? > > R7#show key chain > Key-chain R5_R6_R7: > key 1 -- text "ipexpert_R567" > accept lifetime (always valid) - (always valid) [valid now] > send lifetime (always valid) - (always valid) [valid now] > > > 2. Joe created a tcl script for verification to ping interfaces after > authentication was applied, my query is that the md5 or clear text > parameters only authenticate a valid source for rip > updates, reachability is ok even when one side has md5/text and other > doesn't > > thanks in advance > > Tony > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
