Configuring MSDP Peers
Context
An MSDP peer relationship is identified by the addresses of the local and remote MSDP peers. You must create an MSDP peer relationship on both the local and remote ends.
Procedure
- Run system-view
The system view is displayed.
- Run msdp [ vpn-instance vpn-instance-name ]
The MSDP view is displayed.
- Run peer peer-address connect-interface interface-type interface-number
MSDP peers are created.
peer-address: specifies the address of the remote MSDP peer.
interface-type interface-number: specifies the local interface connected to the remote MSDP peer.
- (Optional) Run peer peer-address description text
The description of a remote MSDP peer is added.
This configuration helps to differentiate remote MSDP peers and manage the connections to the remote MSDP peers.
- (Optional) Run timer retry interval
The interval at which MSDP peers retry to set up a connection with each other is set.
A TCP connection needs to be quickly established between MSDP peers in one of the following situations:
- An MSDP peer is created.
- The disconnected MSDP peers need to be reconnected.
- A faulty MSDP peer attempts to recover.
You can run this command to adjust the interval at which MSDP peers retry to set up a connection.
- (Optional) Configure an MSDP authentication mode.
To improve the security of a TCP connection, MSDP supports two authentication modes: message digest algorithm 5 (MD5) and keychain. MD5 authentication and keychain authentication are mutually exclusive on an MSDP peer. You must configure the same password on both ends in MD5 authentication or configure the same encryption algorithm and password on both ends in keychain authentication. Otherwise, the TCP connection cannot be set up.
MD5 is not a secure authentication algorithm. To ensure security, you are advised to use the more secure keychain authentication mode for MSDP.
Run peer peer-address password { cipher cipher-password | simple simple-password }
MSDP MD5 authentication is configured.
If simple is selected, the password is saved in the configuration file in plain text, which is a security risk. It is recommended that you select cipher so that the password is saved in cipher text.
Run peer peer-address keychain keychain-name
MSDP keychain authentication is configured.
keychain-name in this command is defined in the keychain command. For details, see "Keychain Configuration" in the NetEngine AR Configuration Guide-Security.
- (Optional) Run shutdown peer-address
The session with the remote MSDP peer is closed.
After the session with the remote MSDP peer is closed, SA messages are not exchanged between the MSDP peers. The configuration, however, is saved. You can run the undo shutdown peer-address command to set up a session with the remote MSDP peer and to reestablish a TCP connection.
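The authentication guidance in this procedure can be checked across saved configurations. The following Python script is an added example, not part of the original page or the vendor's tooling; it reports, for each MSDP peer, whether it uses keychain, MD5 with cipher, MD5 with simple, or no authentication. It assumes that saved configuration lines mirror the commands above and are indented by one space under the msdp view; the addresses, interface names, keychain name kc-msdp and VPN instance vpn-a are constructed.

```python
import re

# Constructed sample; assumes saved configuration lines mirror the commands above.
SAMPLE_CONFIG = """\
msdp
 peer 192.0.2.1 connect-interface GigabitEthernet0/0/1
 peer 192.0.2.1 keychain kc-msdp
 peer 192.0.2.2 connect-interface GigabitEthernet0/0/2
 peer 192.0.2.2 password simple CONSTRUCTED-PLACEHOLDER
 peer 192.0.2.3 connect-interface GigabitEthernet0/0/3
 peer 192.0.2.3 password cipher CONSTRUCTED-PLACEHOLDER
 peer 192.0.2.4 connect-interface GigabitEthernet0/0/4
 shutdown 192.0.2.4
#
msdp vpn-instance vpn-a
 peer 192.0.2.1 connect-interface GigabitEthernet0/0/5
"""

PEER_RE = re.compile(r"^peer\s+(\S+)\s+(connect-interface|password|keychain)\b\s*(\S*)")
FINDINGS = {
    "none": "no authentication configured",
    "md5-simple": "MD5, password stored in plain text",
    "md5-cipher": "MD5, keychain is advised instead",
    "keychain": "ok",
}

def audit_msdp_peers(config_text):
    """Map (msdp view, peer address) to an authentication finding."""
    modes, view = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # an unindented line opens or closes a view
            is_msdp = line == "msdp" or line.startswith("msdp vpn-instance ")
            view = line if is_msdp else None
            continue
        match = PEER_RE.match(line) if view else None
        if not match:
            continue  # description, timer retry, shutdown: no effect on authentication
        peer, keyword, arg = match.groups()
        modes.setdefault((view, peer), "none")
        if keyword == "keychain":
            modes[(view, peer)] = "keychain"
        elif keyword == "password":
            modes[(view, peer)] = "md5-" + arg  # arg is "cipher" or "simple"
    return {key: FINDINGS.get(mode, "unrecognized: " + mode) for key, mode in modes.items()}

if __name__ == "__main__":
    for (view, peer), finding in audit_msdp_peers(SAMPLE_CONFIG).items():
        print(f"{view:24} {peer:12} {finding}")
```

A peer closed with shutdown is still reported, because its configuration is saved and undo shutdown would bring the session back up with the same authentication settings.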