Guest

Preview Tool

Cisco Bug: CSCvu54786 - Crash on configuring a highest key identifier for OSPF authentication under an interface

Last Modified

Jul 25, 2020

Products (1)

  • Cisco IOS

Known Affected Releases

17.4.1

Description (partial)

Symptom:
Crash seen on trying to configure the largest key-identified under the key-chain and then using it under an interface for OSPF authentication

Crash is reproducible in ISR-4k as well as ASR1k

Conditions:
When a long key-chain is configured under an interface for OSPF authentication.

Buggy config:
Ash-Ovld(config)#key chain pneumonoultramicroscopicsilicovolcanoconiosis
Ash-Ovld(config-keychain)# description This is the longest word in english
Ash-Ovld(config-keychain)# key 2147483647           >>>>>>>>>>>>>>>>>>>>>>>>>>This causes the crash
Ash-Ovld(config-keychain-key)#  key-string test123string!@#$%^
Ash-Ovld(config-keychain-key)#cryptographic-algorithm hmac-sha-384
Ash-Ovld(config-keychain-key)#interface Port-channel1
Ash-Ovld(config-if)# ip address 66.66.66.66 255.255.255.0
Ash-Ovld(config-if)# ip ospf authentication key-chain pneumonoultramicroscopicsilicovolcanoconiosis    

Working config:
Router(config)#key chain pneumonoultramicroscopicsilicovolcanoconiosis
Router(config-keychain)#description This is the longest word in english
Router(config-keychain)#key 1
Router(config-keychain-key)#key-string test123string!@#$%^
Router(config-keychain-key)#cryptographic-algorithm hmac-sha-384
Router(config-keychain-key)#int gi0/0/0
Router(config-if)#ip ospf authentication key
Router(config-if)#$n key-chain pneumonoultramicroscopicsilicovolcanoconiosis 
Router(config-if)#end
Router#sh run brief |
*Jun  7 08:27:03.637: %SYS-5-CONFIG_I: Configured from console by console sec key
key chain pneumonoultramicroscopicsilicovolcanoconiosis
 description This is the longest word in english
 key 1
  key-string test123string!@#$%^
   cryptographic-algorithm hmac-sha-384
 rsakeypair TP-self-signed-1088873346
 ip ospf authentication key-chain pneumonoultramicroscopicsilicovolcanoconiosis
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#key chain pneumonoultramicroscopicsilicovolcanoconiosis
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.