No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

CloudEngine 8800, 7800, 6800, and 5800 V200R002C50

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ospfv3 authentication-mode

ospfv3 authentication-mode

Function

The ospfv3 authentication-mode command configures an authentication mode and a password for an OSPFv3 interface.

The undo ospfv3 authentication-mode command deletes the authentication mode and password configured for an OSPFv3 interface.

By default, no authentication mode or password are configured for any OSPFv3 interface.

NOTE:
By default, authentication is not configured for an OSPFv3 interface. Configuring authentication is recommended to ensure system security.

Format

ospfv3 authentication-mode hmac-sha256 key-id key-id { plain plain-text | [ cipher ] cipher-text } [ instance instance-id ]

undo ospfv3 authentication-mode hmac-sha256 key-id key-id [ plain plain-text | cipher cipher-text ] [ instance instance-id ]

Parameters

Parameter Description Value
hmac-sha256 Configures the HMAC-SHA256 authentication mode.

-

key-id key-id Specifies the key ID for authentication, which must be the same as the one configured at the other end. The value is an integer ranging from 1 to 255.
plain Configures the plaintext password type. Only a plaintext password can be entered, and the password is displayed in plaintext in the configuration file.
NOTICE:

If plain is selected, the password is saved in the configuration file in plain text. This brings security risks. It is recommended that you select cipher to save the password in cipher text.

-

plain-text Specifies a plaintext password. The value is a string of 1 to 255 characters, spaces not supported.
NOTE:
Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.
cipher Configures the ciphertext password type. You can enter either a plaintext or ciphertext password, but the password is displayed in ciphertext in the configuration file.

-

cipher-text Specifies a ciphertext password. The value can be a string of 1 to 255 characters for plaintext passwords and 20 to 432 characters for ciphertext passwords, spaces not supported.
NOTE:
Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.
instance instance-id Specifies the instance ID of an interface. The value ranges from 0 to 255, with default value 0.

Views

Interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Due to inherent defects and flawed implementation of the TCP/IP protocol suite, there are an increasing number of attacks, which poses greater threats on TCP/IP networks than ever before. The attacks on network devices may lead to network failures. To configure an authentication mode and a password for an OSPFv3 interface to improve OSPFv3 network security, run the ospfv3 authentication-mode command.

Precautions

OSPFv3 interface authentication takes precedence over OSPFv3 area authentication.

To configure OSPFv3 area authentication, run the authentication-mode command.

Example

# Configure OSPFv3 HMAC-SHA256 authentication on VLANIF100.

<HUAWEI> system-view
[~HUAWEI] ospfv3
[*HUAWEI-ospfv3-1] router-id 10.1.1.1
[*HUAWEI-ospfv3-1] quit
[*HUAWEI] interface vlanif 100
[*HUAWEI-Vlanif100] ipv6 enable
[*HUAWEI-Vlanif100] ospfv3 1 area 0
[*HUAWEI-Vlanif100] ospfv3 authentication-mode hmac-sha256 key-id 10 cipher huawei

# Configure OSPFv3 HMAC-SHA256 authentication on 10GE1/0/1.

<HUAWEI> system-view
[~HUAWEI] ospfv3
[*HUAWEI-ospfv3-1] quit
[*HUAWEI] interface 10ge 1/0/1
[*HUAWEI-10GE1/0/1] undo portswitch
[*HUAWEI-10GE1/0/1] ipv6 enable
[*HUAWEI-10GE1/0/1] ospfv3 1 area 0
[*HUAWEI-10GE1/0/1] ospfv3 authentication-mode hmac-sha256 key-id 10 cipher huawei
Translation
Download
Updated: 2019-03-21

Document ID: EDOC1000166501

Views: 74728

Downloads: 380

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next