2 authentication mode, 3 interface (vrrp) – CANOGA PERKINS CanogaOS Command Reference User Manual

CanogaOS Command Line Reference

Revision 1.02

Proprietary & Confidential Canoga Pertkins Metro Ethernet Switches

Page 348 of 855

17.2 authentication mode

To authenticate Virtual Router Redundancy Protocol (VRRP) packets received from other routers in the
group, use the authentication mode command in router configuration mode. To disable VRRP
authentication, use the no form of this command.

Command Syntax

authentication mode {md5 | text} key-string
no authentication mode

text key-string

Plain text authentication. The text-string argument is the authentication
string and can be up to eight alphanumeric characters. There is no default
value.

md5 key-string

Message digest 5 (MD5) authentication. MD5 authentication is not
supported yet.

Default

VRRP authentication is disabled.

Command Mode

Router configuration

Usage

When a VRRP packet arrives from another router in the VRRP group, its authentication string is
compared to the string configured on the local system. If the strings match, the message is accepted. If
they do not match, the packet is discarded. The authentication string is sent unencrypted in all VRRP
messages when using the authentication mode text key-string option.
All routers within the VRRP group must be configured with the same authentication string. If the same
authentication string is not configured, the routers in the VRRP group will not communicate with each
other and any misconfigured router in the group will change its state to master.

Examples

The following example shows how to configure an authentication text string of x30dn78k:
router vrrp 1
authentication mode text x30dn78k

Related Commands

router vrrp

17.3 interface (VRRP)

To enable the Virtual Router Redundancy Protocol (VRRP) protocol on a specified interface, use the