debug ip ospf adj (Authentication)
We talk about something more about MD5 authentication in this very beginning:
MD5 authentication provides higher security than plain text authentication. This method uses the MD5 algorithm to compute a hash value from the contents of the OSPF packet and a password (or key). This hash value is transmitted in the packet, along with a key ID and a non-decreasing sequence number. The receiver, which knows the same password, calculates its own hash value. If nothing in the message has changed, the receiver's hash value should match the sender's hash value which is transmitted with the message.
The key ID allows the routers to reference multiple passwords. This makes password migration easier and more secure. For example, to migrate from one password to another, configure a password under a different key ID and remove the first key.
The sequence number prevents replay attacks, in which OSPF packets are captured, modified, and retransmitted to a router. As with plain text authentication, MD5 authentication passwords do not have to be the same throughout an area. However, they do need to be the same between neighbors.
R1-2503# debug ip ospf adj!--- Indicates that the neighbor is configured
00:51:23: OSPF: Rcv pkt from 184.108.40.206, Serial0 : Mismatch Authentication type. Input packet specified type 0, we use type 1
!--- for Null authentication (Type 0) whereas this router is
!--- configured with Plain-text (Type 1) authentication.
00:51:33: OSPF: Rcv pkt from 220.127.116.11, Serial0 : Mismatch Authentication Key - Clear Text!--- Both neighbors are configured for Plain-text
!--- authentication but Authentication key values do not match.
00:59:33: OSPF: Rcv pkt from 18.104.22.168, Serial0 : Mismatch Authentication type. Input packet specified type 1, we use type 2!--- Neighbor is configured for Plain text
!--- authentication (Type 1) and this router is configured
!--- for Message digest authentication (Type 2) resulting in mismatch.
00:59:33: OSPF: Send with youngest Key 1!--- Signifies that neighbor is configured
00:59:43: OSPF: Rcv pkt from 22.214.171.124, Serial0 : Mismatch Authentication Key - No message digest key 2 on interface
!--- for key 2 whereas the local router is configured with Key 1.