No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R010C00 Configuration Guide - Reliability

This document describes the configuration of BFD, DLDP, VRRP, SmartLink, CFM, EFM, Y.1731 and MAC swap loopback to ensure reliability on the device.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
(Optional) Configuring the Authentication Mode for DLDP Packets

(Optional) Configuring the Authentication Mode for DLDP Packets

Context

To ensure packet validity on an insecure network, users can configure one of the following authentication modes for DLDPDUs.

Table 5-7  Authentication modes of DLDPDUs

Authentication Mode

Description

Non-authentication mode

The sender sets the authentication key of the DLDPDUs to all 0s and the authentication type field to 0. The receiver compares the authentication key and authentication type with those set on the local end. If the settings on the two ends are different, the receiver discards the DLDPDUs.

Simple authentication mode

The sender sets the authentication key of the DLDPDUs to the plain-text password set on the local end and the authentication type field to 1. The receiver compares the authentication key and authentication type with those set on the local end. If the settings on the two ends are different, the receiver discards the DLDPDUs.

MD5 authentication mode

The sender sets the authentication key of the DLDPDUs to the summary of the cipher text obtained from the password set on the local end using the MD5 algorithm, and sets the authentication type field to 2. The receiver compares the authentication key and authentication type with the summary of the cipher text obtained on the local end using the MD5 algorithm. If the settings on the two ends are different, the receiver discards the DLDPDUs.

SHA authentication mode

The sender sets the authenticator field of the DLDPDUs to the digest of the cipher text obtained from the password set on the local end using the SHA256 algorithm, and sets the authentication type field to 3. The receiver compares the authenticator and authentication type with the digest of the cipher text obtained on the local end using the SHA256 algorithm. If the settings on the two ends are different, the receiver discards the DLDPDUs.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    dldp authentication-mode { md5 md5-password | simple simple-password | sha sha-password | none }

    The authentication mode is configured for DLDPDUs.

    By default, the DLDPDUs are not authenticated.

    NOTE:

    The local and remote devices must use the same authentication mode and the authentication password; otherwise, the authentication fails. DLDP works properly only after the authentication succeeds.

    To ensure security, you are advised to use SHA as the authentication algorithm of DLDP.

Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000142090

Views: 89363

Downloads: 107

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next