No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
CloudEngine 12800 and 12800E V200R005C10 Configuration Guide - IP Unicast Routing

This document describes the configurations of IP Unicast Routing, including IP Routing, Static Route, RIP, RIPng, OSPF, OSPFv3, IPv4 IS-IS, IPv6 IS-IS, BGP, Routing Policy, and PBR.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the Area Authentication Mode

Configuring the Area Authentication Mode

Context

In area authentication, all switches in an area must use the same authentication mode and password. For example, all devices in Area 0 use simple authentication and the password of abc.

If plain is selected in the area authentication configuration, the password is stored in plain text in the configuration file, which brings security risks. It is recommended that you select cipher to store the password in cipher text.

Simple authentication, MD5 authentication, and HMAC-MD5 cipher text authentication have potential security risks. HMAC-SHA256 cipher text authentication is recommended.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run ospf [ process-id ]

    The OSPF process view is displayed.

  3. Run area area-id

    The OSPF area view is displayed.

  4. Run any of the following commands to configure an authentication mode of the OSPF area as required:

    • Run authentication-mode simple [ plain plain-text | [ cipher ] cipher-text ]

      Simple authentication is configured for the OSPF area.

      • plain: indicates that the password is stored in plain text.
      • cipher: indicates that the password is stored in cipher text. In MD5 or HMAC-MD5 authentication, the password is stored in cipher text by default.

    • Run authentication-mode { md5 | hmac-md5 | hmac-sha256 } [ key-id { plain plain-text | [ cipher ] cipher-text } ]

      The specified authentication mode is configured for the OSPF area.

      • md5: indicates the MD5 cipher text authentication mode.

      • hmac-md5: indicates the HMAC-MD5 cipher text authentication mode.
      • hmac-sha256: indicates the HMAC-SHA256 cipher text authentication mode.
      • key-id: specifies the ID of the authentication key.

    • Run authentication-mode keychain keychain-name

      Keychain authentication is configured for the OSPF area.

      Before using keychain authentication, you need to configure keychain information in the system view. To establish an OSPF neighbor relationship, you need to ensure that key-id, algorithm, and key-string in the local ActiveSendKey are the same as those in the remote ActiveRecvKey.

  5. Run commit

    The configuration is committed.

Translation
简体中文
Download
Updated: 2021-09-17

Document ID: EDOC1100075354

Views: 411817

Downloads: 112

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :