ISIS/3/ISIS_AUTHENTICATION_TYPE_FAILURE
Message
ISIS/3/ISIS_AUTHENTICATION_TYPE_FAILURE: The authentication type of received PDU is different from local configuration. (isisSysInstance=[isisSysInstance], isisSysLevelIndex=[isisSysLevelIndex], isisCircIndex=[isisCircIndex], isisCircIfIndex=[isisCircIfIndex], isisPduFragment=[isisPduFragment], ifIndex=[ifIndex], IfName=[IfName])
Description
The authentication type contained in the received PDU is inconsistent with the local configured one.
Parameters
Parameter Name | Parameter Meaning |
---|---|
[isisSysInstance] |
ID of an IS-IS process |
[isisSysLevelIndex] |
IS-IS level |
[isisCircIndex] |
Circuit index of an interface |
[isisCircIfIndex] |
Circuit IfIndex of an interface |
[isisPduFragment] |
64-byte PDU header |
[ifIndex] |
IfIndex of an interface |
[IfName] |
Interface name |
Possible Causes
Cause 1: Authentication was configured on an interface or process of the local end, but the authentication type on the peer end was different from that on the local end.
Cause 2: Authentication was configured on an interface or process of the local end, but no authentication was configured on the peer end.
Procedure
- Obtain the IS-IS process number based on the isisSysInstance field and IS-IS level (1 indicates a Level-1 packet; 2 indicates
a Level-2 packet; 3 indicates a P2P Hello packet) based on the isisSysLevelIndex field. Then, find the isisPduFragment field and obtain the system ID of the source that sends the packet
and packet type.
- If the packet type is Hello, go to Step 2.
- If the packet type is LSP or SNP, go to Step 4.
Table 47-3 Methods of identifying system IDs and types of IS-IS packetsIdentifying the Packet Type
Identifying the System ID
Hello: A Hello packet is identified when the 5th byte in the isisPduFragment field is 0f, 10, or 11.
The six consecutive bytes beginning with the 10th byte in the isisPduFragment field constitute a System ID.
LSP: An LSP is identified when the 5th byte in the isisPduFragment field is 12 or 14.
The six consecutive bytes beginning with the 13th byte in the isisPduFragment field constitute a System ID.
SNP: An SNP is identified when the 5th byte in the isisPduFragment field is 18, 19, 20, or 21.
The six consecutive bytes beginning with the 11th byte in the isisPduFragment field constitute a System ID.
- Determine the IS-IS interface of the source based on the
system ID, and then run the display this command in the view of the
IS-IS interface on the source to check whether the configured interface
authentication mode is consistent with that configured on the local
.
If the interface authentication modes on the two ends are the same, go to Step 6.
If the interface authentication modes on the two ends are different, go to Step 3.
- Run the isis authentication-mode command in the interface view of the source to configure
the authentication mode (simple, MD5 ) to be the same as that on the
local , and ensure that the authentication passwords on the two ends
are the same. Then, check whether the fault is rectified.
If the fault is rectified, go to Step 7.
If the fault persists, go to Step 6.
- Run the display current-configuration configuration isis command on the source to check whether the area authentication
mode or domain authentication mode configured in the IS-IS process
is the same as that on the local , and ensure that the authentication
passwords on the two ends are the same.
If the authentication modes on the two ends are the same, go to Step 6.
If the authentication modes on the two ends are different, go to Step 5.
- Run the area-authentication-mode command (Level-1 packet) or the domain-authentication-mode command (Level-2 packet) in the IS-IS view of the source
to configure the authentication type (simple, MD5 ) to be the same
as that of the local . Then, check whether the fault is rectified.
If the fault is rectified, go to Step 7.
If the fault persists, go to Step 6.
- Contact technical support personnel technical support personnel.
- End.