< Home

Configuring BFD Session Authentication Information

Context

This configuration applies only to multicast BFD session detection.

On a network demanding higher security, you can configure BFD session authentication information, including the authentication algorithm, authentication key, authentication key ID, and negotiation timeout interval, to improve network security. In a specific access scenario, for example, when a multicast BFD session is associated with the protocol status of an interface, you need to configure authentication information for the BFD session on the interface. BFD negotiation can succeed, the BFD-associated protocol status of the interface can be activated, and users can access the device through this interface only when the BFD session authentication information on both ends is consistent.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run bfd

    BFD is enabled globally.

  3. Run quit

    Return to the system view.

  4. Run bfd bfd-name bind peer-ip default-ip interface interface-type interface-number [ source-ip source-ip ]

    A BFD session is created for detecting the physical link status.

  5. Run authentication-mode met-sha1 key-id key-id-value cipher cipher-text nego-packet [ timeout-interval interval-value ]

    BFD session authentication information is configured.

Parent Topic: Configuring BFD
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >