Which three steps are required to rekey the routers on a link without dropping OSPFv3 protocol packets or disturbing the adjacency? (Choose three.)
Click on the arrows to vote for the correct answer
A. B. C. D. E. F.ABC.
OSPFv3 is a link-state protocol that is used to advertise link state information between routers in IPv6 networks. In order to ensure secure communication between routers, it is important to periodically rekey the routers on a link. Rekeying involves generating a new set of Security Associations (SAs) with new SPIs and key values, while maintaining the existing adjacency and without disturbing OSPFv3 protocol packets.
The three steps required to rekey the routers on a link without dropping OSPFv3 protocol packets or disturbing the adjacency are:
Create an additional inbound SA for the interface that is being rekeyed using a new SPI and the new key: This step involves creating a new inbound SA on each router for the interface that is being rekeyed. This new SA should use a new SPI (Security Parameter Index) and the new key values. The existing inbound SA should still remain in place until the new SA is established.
Replace the original outbound SA with one that uses the new SPI and key values: In this step, the original outbound SA on each router should be replaced with a new SA that uses the new SPI and key values. This ensures that the router can encrypt outgoing OSPFv3 protocol packets using the new key values.
Remove the original inbound SA: Once the new inbound SA is established and the new outbound SA is in place, the original inbound SA can be safely removed from each router. This step ensures that the routers are now using the new key values to decrypt incoming OSPFv3 protocol packets.
It is important to note that the order of these steps is crucial in order to maintain the existing adjacency and avoid dropping OSPFv3 protocol packets. Also, it is necessary to perform these steps on each router on the link to ensure secure communication between all routers.