Enabling md5 authentication for bgp peers – H3C Technologies H3C S5560 Series Switches User Manual
Page 261
245
Step Command
Remarks
2.
Enter BGP view or BGP-VPN
instance view.
•
Enter BGP view:
bgp as-number
•
Enter BGP-VPN instance view:
a.
bgp as-number
b.
ip vpn-instance
vpn-instance-name
N/A
3.
Enable 4-byte AS number
suppression.
peer { group-name | ip-address
[ mask-length ] }
capability-advertise
suppress-4-byte-as
By default, 4-byte AS number
suppression is not enabled.
To enable 4-byte AS number suppression (IPv6):
Step Command
Remarks
1.
Enter system view.
system-view N/A
2.
Enter BGP view or BGP-VPN
instance view.
•
Enter BGP view:
bgp as-number
•
Enter BGP-VPN instance view:
a.
bgp as-number
b.
ip vpn-instance
vpn-instance-name
N/A
3.
Enable 4-byte AS number
suppression.
peer { group-name | ipv6-address
[ prefix-length ] }
capability-advertise
suppress-4-byte-as
By default, 4-byte AS number
suppression is not enabled.
Enabling MD5 authentication for BGP peers
MD5 authentication provides the following benefits:
•
Peer authentication makes sure that only BGP peers that have the same password can establish TCP
connections.
•
Integrity check makes sure that BGP packets exchanged between peers are intact.
To enable MD5 authentication for BGP peers (IPv4):
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter BGP view or BGP-VPN
instance view.
•
Enter BGP view:
bgp as-number
•
Enter BGP-VPN instance view:
a.
bgp as-number
b.
ip vpn-instance
vpn-instance-name
N/A