EasyManuals Logo

HPE FlexNetwork 5510 HI Series User Manual

HPE FlexNetwork 5510 HI Series
572 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #172 background imageLoading...
Page #172 background image
160
Step
Command
Remarks
3. Specify the authentication
mode and key.
isis
authentication-mode
{ {
gca
key-id
{
hmac-sha-1
|
hmac-sha-224
|
hmac-sha-256
|
hmac-sha-384
|
hmac-sha-512
} [
nonstandard
] |
md5
|
simple
} {
cipher
|
plain
} string |
keychain
keychain-name } [
level-1
|
level-2
] [
ip
|
osi
]
By default, no
authentication is
configured.
4. (Optional.) Configure the
interface not to check the
authentication information in
the received hello packets.
isis authentication send-only
[
level-1
|
level-2
]
When the authentication
mode and key are
configured, the interface
checks the authentication
information in the received
packets by default.
Configuring area authentication
Area authentication prevents the router from installing routing information from untrusted routers into
the Level-1 LSDB. The router encapsulates the authentication key in the specified mode in Level-1
packets (LSP, CSNP, and PSNP). It also checks the key in received Level-1 packets.
Routers in a common area must have the same authentication mode and key.
To prevent packet exchange failure in case of an authentication key change, configure IS-IS not to
check the authentication information in the received packets.
To configure area authentication:
Step
Command
Remarks
1. Enter system view.
system-view
N/A
2. Enter IS-IS view.
isis
[ process-id ] [
vpn-instance
vpn-instance-name ]
N/A
3. Specify the area
authentication mode and
key.
area-authentication-mode
{ {
gca
key-id {
hmac-sha-1
|
hmac-sha-224
|
hmac-sha-256
|
hmac-sha-384
|
hmac-sha-512
} [
nonstandard
] |
md5
|
simple
} {
cipher
|
plain
} string
|
keychain
keychain-name } [
ip
|
osi
]
By default, no area authentication
is configured.
4. (Optional.) Configure the
interface not to check the
authentication
information in the
received Level-1
packets, including LSPs,
CSNPs, and PSNPs.
area-authentication send-only
When the authentication mode
and key are configured, the
interface checks the
authentication information in the
received packets by default.
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing
domain. A router with the authentication configured encapsulates the key in the specified mode into
Level-2 packets (LSP, CSNP, and PSNP) and check the key in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and key.
To prevent packet exchange failure in case of an authentication key change, configure IS-IS not to
check the authentication information in the received packets.

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Preview: Fundamentals Configuration Guide
Fundamentals Configuration Guide209 pages
Preview: Security Configuration Guide
Security Configuration Guide551 pages
Preview: Layer 3 - Ip Routing Configuration Guide
Layer 3 - Ip Routing Configuration Guide486 pages
Preview: Network Management And Monitoring Configuration Guide
Network Management And Monitoring Configuration Guide331 pages
Preview: Macsec Configuration Guide
Macsec Configuration Guide27 pages
Preview: Acl And Qos Configuration Guide
Acl And Qos Configuration Guide114 pages
Preview: Mpls Configuration Guide
Mpls Configuration Guide505 pages
Preview: Openflow Configuration Guide
Openflow Configuration Guide39 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexNetwork 5510 HI Series and is the answer not in the manual?

HPE FlexNetwork 5510 HI Series Specifications

General IconGeneral
BrandHPE
ModelFlexNetwork 5510 HI Series
CategorySwitch
LanguageEnglish

Related product manuals