2004-10-11 Paul Jakma <paul@dishone.st>

* ospfd.texi: reformat the ospf md5 paragraph, add an additional
	  way to work around bad clocks.

doc/ChangeLog

@@ -1,3 +1,8 @@
+2004-10-11 Paul Jakma <paul@dishone.st>
+
+	* ospfd.texi: reformat the ospf md5 paragraph, add an additional
+	  way to work around bad clocks.
+
 2004-10-03 Hasso Tepper <hasso at quagga.net>
 
 	* vtysh.1: Update vtysh man page to reflect changes in shell. Remove

doc/ospfd.texi

@@ -258,12 +258,16 @@ all OSPF packets are authenticated. @var{AUTH_KEY} has length up to 8 chars.
 @deffnx {Interface Command} {no ip ospf message-digest-key} {}
 Set OSPF authentication key to a cryptographic password.  The cryptographic
 algorithm is MD5.  KEYID identifies secret key used to create the message
-digest.  KEY is the actual message digest key up to 16 chars. Note that OSPF
+digest.  KEY is the actual message digest key up to 16 chars. 
-MD5 authentication requires that time never go backwards, even across
+
-resets, if ospfd is to be able to promptly reestabish adjacencies with it's
+Note that OSPF MD5 authentication requires that time never go backwards
-neighbours after restarts/reboots. The host should have system time be set
+(correct time is not important, only that it never goes backwards), even
-at boot from an external source (eg battery backed clock, NTP, etc.) if MD5
+across resets, if ospfd is to be able to promptly reestabish adjacencies
-authentication is to be expected to work reliably.
+with its neighbours after restarts/reboots. The host should have system
+time be set at boot from an external source (eg battery backed clock, NTP,
+etc.) or else the system clock should be periodically saved to non-volative
+storage and restored at boot if MD5 authentication is to be expected to work
+reliably.
 @end deffn
 
 @deffn {Interface Command} {ip ospf cost <1-65535>} {}