拓扑图:

eigrp_lab3_eigrp MD5验证

配置:

R1:

key chain ccna
 key 1
  key-string cisco
call rsvp-sync
!

interface Loopback1
 ip address 1.1.1.1 255.255.255.0
!
interface Serial1/0
 ip address 12.1.1.1 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 ccna
 serial restart-delay 0
!
router eigrp 1
 network 1.0.0.0
 network 12.0.0.0
 no auto-summary

R2:

key chain ccna
 key 1
  key-string cisco
call rsvp-sync
!
interface Serial1/0
 ip address 12.1.1.2 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 ccna
 serial restart-delay 0
!
interface Serial1/1
 ip address 23.1.1.1 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 ccna
 serial restart-delay 0
!
router eigrp 1
 network 12.0.0.0
 network 23.0.0.0
 no auto-summary
!

R3:

key chain ccna
 key 1
  key-string ccie
call rsvp-sync
!
interface Loopback1
 ip address 3.3.3.3 255.255.255.0
!
interface Serial1/0
 ip address 23.1.1.2 255.255.255.0
 ip authentication mode eigrp 1 md5
 ip authentication key-chain eigrp 1 ccna
 serial restart-delay 0
!
router eigrp 1
 network 3.0.0.0
 network 23.0.0.0
 no auto-summary
!

说明

1.R1与R2验证是成功的,因为他们的key ID和密钥都是相同的

2.R2和R3验证不成功,因为他们钥匙链的密钥不相同

DUAL-5-NBRCHANGE: IP-EIGRP 1: Neighbor 23.1.1.1 (Serial1/0) is down: Auth failure

R3#debug eigrp packet

EIGRP:  key id = 1, authentication mismatch

EIGRP: Serial1/0: ignored packet from 23.1.1.1, opcode = 5 (invalid authentication)