No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C00 Configuration Guide - MPLS 01

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring RSVP Authentication

Configuring RSVP Authentication

RSVP authentication is configured to protect a node from attacks and improve network security. By default, no authentication mode is configured. Configuring RSVP authentication is recommended to improve device security.

Usage Scenario

RSVP authentication prevents the following problems:
  • An unauthorized node attempts to establish an RSVP neighbor relationship with a local node.

  • A remote node constructs forged RSVP messages to establish an RSVP neighbor relationship with a local node and then initiates attacks to the local node.

RSVP key authentication cannot prevent replay attacks or RSVP message mis-sequence during network congestion. RSVP message mis-sequence causes authentication termination between RSVP neighbors. The handshake function, message window functions, and RSVP key authentication are used to prevent the preceding problems.

CR-LSP flapping may lead to frequent re-establishment of RSVP neighbor relationships. As a result, the handshake function is repeatedly performed and RSVP authentication is prolonged. An RSVP authentication lifetime is set to resolve the preceding problems. If no CR-LSP exists, RSVP neighbors still retain their neighbor relationship until the RSVP authentication lifetime expires.

Pre-configuration Tasks

Before configuring RSVP authentication, configure an RSVP-TE tunnel.

Configuration Procedures

Figure 3-7  RSVP authentication configuration
Download
Updated: 2018-07-12

Document ID: EDOC1100028530

Views: 102245

Downloads: 336

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next