Does anybody out there use Authentication Header (AH)?

It can be used to prevent NAT on an intermediate path, which can be useful under certain circumstances. I have seen it in the wild, both in Internet and private networking contexts.

David Barak

I'm using AH for OSPFv2 and OSPFv3 authentication. For OSPFv3, there
is no other option than some kind of IPsec for authentication. I'm
also using it for OSPFv2 so I don't have to maintain multiple
authentication methods and keys for the different protocols.

OSPF WG has come out with a mechanism that can be used to secure
OSPFv3 without IPsec -

It should get published as an RFC any time now.

BTW, there isnt any standard for using IPsec with OSPFv2, so youre
probably using a proprietary solution. I think a better solution is to
move to OSPFv3-AT, as its very similar to OSPFv2 authentication.