< Home

peer password (MSDP)

Function

The peer password command configures Message-digest algorithm 5 (MD5) authentication to establish a TCP connection between MSDP peers and transmit MSDP messages.

The undo peer password command removes MD5 authentication between MSDP peers.

Format

peer peer-address password { cipher cipher-password | simple simple-password }

undo peer peer-address password

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer. The address is in dotted decimal notation.
cipher cipher-password Specifies the password in the cipher text. The value is a string of case-sensitive characters without spaces. A cipher password may contain 1 to 255 plain text characters or 20 to 392 encrypted characters.
NOTE:
When double quotation marks are used around the string, spaces are allowed in the string.
simple simple-password Specifies the password in the plain text.
NOTE:
When configuring an authentication password, select the ciphertext mode because the password is saved in configuration files in plain text if you select plaintext mode, which has a high risk. To ensure device security, change the password periodically.
 It is a string of 1 to 255 case-sensitive characters without spaces.
NOTE:
When double quotation marks are used around the string, spaces are allowed in the string.

Views

MSDP view

Default Level

2: Configuration level

Usage Guidelines

By default, MSDP MD5 authentication is not configured. Configuring MSDP MD5 authentication is recommended to improve the system security.

Usage Scenario

Authentication improves the security of the TCP connection. Note that the MSDP peers must be configured with the same authentication password. Otherwise, the TCP connection cannot be set up between MSDP peers and MSDP messages cannot be transmitted. The authentication password on peers can be in different forms. The password on one end can be in cipher text while the password on the peer can be in the plain text.

Prerequisites

The multicast routing-enable command has been run in the public network instance view or the VPN instance view.

Configuration Impact

If this command is run more than once, the latest configuration overwrites the previous ones.

Precautions

After the plain text mode is specified, the password will be saved in the plain text in the configuration file, which has a high security risk.

MSDP MD5 authentication and MSDP Key-Chain authentication are mutually exclusive.

Example

# Configure MSDP MD5 authentication between the local FW and the peer 1.1.1.1 and configure the authentication password to example123 in the cipher text.

<sysname> system-view
[sysname] msdp
[sysname-msdp] peer 1.1.1.1 password cipher example123
Parent Topic: MSDP Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >