Encryption of bgp4 md5 authentication keys, Encryption example – Brocade BigIron RX Series Configuration Guide User Manual

Page 930

Advertising
background image

852

BigIron RX Series Configuration Guide

53-1002484-04

Configuring BGP4 neighbors

27

The following command verifies that the route has been unsuppressed.

Encryption of BGP4 MD5 authentication keys

When you configure a BGP4 neighbor or neighbor peer group, you can specify an MD5
authentication string for authenticating packets exchanged with the neighbor or peer group of
neighbors.

For added security, the software encrypts display of the authentication string by default. The
software also provides an optional parameter to disable encryption of the authentication string, on
an individual neighbor or peer group basis. By default, the MD5 authentication strings are
displayed in encrypted format in the output of the following commands:

show running-config (or write terminal)

show configuration

show ip bgp config

When encryption of the authentication string is enabled, the string is encrypted in the CLI
regardless of the access level you are using.

In addition, when you save the configuration to the startup configuration file, the file contains the
new BGP4 command syntax and encrypted passwords or strings.

NOTE

Brocade recommends that you save a copy of the startup configuration file for each device you plan
to upgrade.

Encryption example

The following commands configure a BGP4 neighbor and a peer group, and specify MD5
authentication strings (passwords) for authenticating packets exchanged with the neighbor or peer
group.

Here is how the commands appear when you display the BGP4 configuration commands.

BigIron RX(config-bgp)# show ip bgp route 209.1.44.0/24

Number of BGP Routes matching display condition : 1

Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED

E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED F:FILTERED

Prefix Next Hop Metric LocPrf Weight Status

1 209.1.44.0/24 10.2.0.1 1 101 32768 BLS

AS_PATH:

Route is advertised to 1 peers:

10.1.0.2(4)

BigIron RX(config-bgp)# local-as 2

BigIron RX(config-bgp)# neighbor xyz peer-group

BigIron RX(config-bgp)# neighbor xyz password abc

BigIron RX(config-bgp)# neighbor 10.10.200.102 peer-group xyz

BigIron RX(config-bgp)# neighbor 10.10.200.102 password test

Advertising
Popular Brands
Popular manuals