Configuring BGP4
December 2005 © Foundry Networks, Inc. 21 - 17
Syntax: [no] neighbor <ip-addr> | <peer-group-name> password [0 | 1] <string>
The <ip-addr> |
<peer-group-name> parameter in
dicates whether you are configur
ing an in
dividual neighbor
or a
peer group. If you specify a neighbor’s IP address, you are configuring that individual neighbor. If you specify a
peer group name, you are configuring a peer group.
The password <string> parameter specifies an MD5 authentication string for securing sessions between the
Layer 3 Switch and the neighbor. You can enter a string up to 80 characters long. The string can contain any
alphanumeric characters, but the first character cannot be a number. If the password contains a number, do not
enter a space following the number.
The 0 | 1 parameter is the encryption option, which you can omit (the default) or which can be one of the following.
• 0 – Disables encryption for the authentication string you specify with the command. The password or string is
shown as clear text in the output of commands that display neighbor or peer group configuration information.
• 1 – Assumes that the authentication string you enter is the encrypted form, and decrypts the value before
using it.
NOTE: If you want the software to assume that the value you enter is the clear-text form, and to encrypt display
of that form, do not enter 0 or 1. Instead, omit the encryption option and allow the software to use the default
behavior.
If you specify encryption option 1, the software assumes that you are entering the encrypted form of the password
or authentication string. In this case, the software decrypts the password or string you enter before using the
value for authentication. If you accidentally enter option 1 followed by the clear-text version of the password or
string, authentication will fail because the value used by the software will not match the value you intended to use.
Displaying the Authentication String
If you want to display the authentication string, enter the following commands:
FESX424 Router(config)# enable password-display
FESX424 Router(config)# show ip bgp neighbors
The enable password-display command enables display of the authentication string, but only in the output of the
show ip bgp neighbors command. Display of the string is still encrypted in the startup-config file and running-
config. Enter the command at the global CONFIG level of the CLI.
NOTE: The command also displays SNMP community strings in clear text, in the output of the show snmp
server command.
Adding a BGP4 Peer Group
A peer group is a set of BGP4 neighbors that share common parameters. Peer groups provide the following
benefits:
• Simplified neighbor configuration – You can configure a set of neighbor parameters and then apply them to
multiple neighbors. You do not need to individually configure the common parameters individually on each
neighbor.
• Flash memory conservation – Using peer groups instead of individually configuring all the parameters for
each neighbor requires fewer configuration commands in the startup-config file.
You can perform the following tasks on a peer-group basis.
• Reset neighbor sessions
• Perform soft-outbound resets (the Layer 3 Switch updates outgoing route information to neighbors but does
not entirely reset the sessions with those neighbors)
• Clear BGP message statistics
To Next Page
Loading...
Need help?
General
