Verifying the configuration – H3C Technologies H3C S5560 Series Switches User Manual
Page 340
324
[SwitchC-ipsec-profile-policy002-manual] sa string-key inbound esp simple gfedcba
[SwitchC-ipsec-profile-policy002-manual] quit
5.
Configure IPsec to protect IPv6 BGP packets between Switch A and Switch B:
# Configure Switch A.
[SwitchA] bgp 65008
[SwitchA-bgp] peer 1::2 ipsec-profile policy001
[SwitchA-bgp] quit
# Configure Switch B.
[SwitchB] bgp 65008
[SwitchB-bgp] peer 1::1 ipsec-profile policy001
[SwitchB-bgp] quit
6.
Configure IPsec to protect IPv6 BGP packets between Router B and Switch C:
# Configure Switch C.
[SwitchC] bgp 65009
[SwitchC-bgp] peer ebgp ipsec-profile policy002
[SwitchC-bgp] quit
# Configure Switch B.
[SwitchB] bgp 65008
[SwitchB-bgp] peer ebgp ipsec-profile policy002
[SwitchB-bgp] quit
Verifying the configuration
# Display detailed information about IPv6 BGP peers on Switch B.
[SwitchB] display bgp peer ipv6 verbose
Peer: 1::1 Local: 2.2.2.2
Type: IBGP link
BGP version 4, remote router ID 1.1.1.1
BGP current state: Established, Up for 00h05m54s
BGP current event: KATimerExpired
BGP last state: OpenConfirm
Port: Local - 24896 Remote - 179
Configured: Active Hold Time: 180 sec Keepalive Time: 60 sec
Received : Active Hold Time: 180 sec
Negotiated: Active Hold Time: 180 sec Keepalive Time: 60 sec
Peer optional capabilities:
Peer support BGP multi-protocol extended
Peer support BGP route refresh capability
Peer support BGP route AS4 capability
Address family IPv6 Unicast: advertised and received
Received: Total 9 messages, Update messages 1
Sent: Total 9 messages, Update messages 1
Maximum allowed prefix number: 4294967295
Threshold: 75%
Minimum time between advertisements is 15 seconds
Optional capabilities: