The iplpm link authentication-mode command configures the authentication mode and password for packet loss measurement on a direct link.
The undo iplpm link authentication-mode command deletes the authentication mode and password.
By default, no authentication mode or password is configured for packet loss measurement on a direct link.
iplpm link authentication-mode hmac-sha256 key-id key-id [ cipher ] password
undo iplpm link authentication-mode
| Parameter | Description | Value |
|---|---|---|
hmac-sha256 |
Uses HMAC-SHA256 to authenticate packets between devices. |
- |
key-id key-id |
Specifies the ID of the authentication password. |
The value is an integer that ranges from 1 to 64. |
cipher |
Specifies the cipher-text authentication password. |
- |
password |
Specifies the authentication password. |
The value is a character string without spaces.
|
GE interface view, XGE interface view, MultiGE interface view, 25GE interface view, 40GE interface view, 100GE interface view
Usage Scenario
After packet loss measurement is configured on a direct link, statistics data on received and sent packets on an interface at one end is sent to an interface at the other end and summarized for packet loss measurement. This command is used to authenticate communication packets on the direct link, improving security.
Precautions
When the authentication mode and password are configured on an interface, packets encapsulated with local statistics data sent from the interface are authenticated. Therefore, both interfaces of the direct link must be configured with the same authentication mode and password.
# Set the authentication mode to hmac-sha256 and password to huawei in cipher text for packet loss measurement on a direct link on the GE0/0/1.
<HUAWEI> system-view [HUAWEI] interface gigabitethernet 0/0/1 [HUAWEI-GigabitEthernet0/0/1] iplpm link authentication-mode hmac-sha256 key-id 1 cipher huawei