< Home

Configuring MD5 Authentication

In Message Digest 5 (MD5) authentication of BGP4+, you only need to set MD5 authentication passwords for TCP connections, and the authentication is performed by TCP. If the authentication fails, TCP connections cannot be established.

Procedure

  1. Access the system view.

    system-view

  2. Access the BGP view.

    bgp { as-number-plain | as-number-dot }

  3. Set an MD5 authentication password.

    peer { ipv6-address | group-name } password { cipher cipher-password | simple simple-password }

    When configuring an authentication password, select the ciphertext mode because the password is saved in configuration files in explicittext if you select explicit mode, which has a high risk. To ensure device security, change the password periodically.

    When the peer password command is used in the BGP view, the extensions on Virtual Private Network version 6 (VPNv6) of MP-BGP are also valid because they use the same TCP connection.

    The BGP MD5 authentication and BGP Keychain authentication are mutually exclusive.

Parent Topic: Configuring BGP4+ Security
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >