Security
7450 ESS System Mangement Guide Page 63
The following table details which authentication algorithm can be used in association with
specific routing protocols.
Table 6 shows the mapping between these attributes and the CLI command to set them.
A vector that determines whether the
key[i] is to be used to generate MACs for
inbound segments, outbound segments,
or both.
config>system>security>keychain>direction
Start time from which key[i] can be used. config>system>security>keychain>direction>bi>entry>begin-time
config>system>security>keychain>direction>uni>send>entry >begin-time
End time after which key[i] cannot be
used by sending TCPs.
Inferred by the begin-time of the next key (youngest key rule).
Start time from which key[i] can be used. config>system>security>keychain>direction>bi>entry>begin-time
config>system>security>keychain>direction>bi>entry>tolerance
config>system>security>keychain>direction>uni>receive>entry >begin-
time
config>system>security>keychain>direction>uni>receive>entry >tolerance
End time after which key[i] cannot be
used
config>system>security>keychain>direction>uni>receive>entry>end-time
Table 6: Keychain Mapping (Continued)
Definition CLI
Table 7: Security Algorithm Support Per Protocol
Protocol Clear Text MD5 HMAC-
MD5
HMAC-
SHA-1-96
HMAC-
SHA-1
HMAC-
SHA-256
AES-128-
CMAC-96
OSPF Yes Yes No Yes Yes Yes No
IS-ISYesNoYes NoYesYesNo
RSVPYesNoYes NoYesNo No
BGP No Yes No Yes No No Yes
LDP No Yes No Yes No No Yes
To Next Page
Loading...
