bfd authentication-mode
Use bfd authentication-mode to configure the BFD authentication mode for single-hop BFD control packets.
Use undo bfd authentication-mode to restore the default.
Syntax
bfd authentication-mode simple key-id { cipher cipher-string | plain plain-string }
undo bfd authentication-mode
Default
Single-hop BFD control packets are not authenticated.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
simple: Specifies the simple authentication mode.
key-id: Sets the authentication key ID in the range of 1 to 255.
cipher: Sets a ciphertext password.
cipher-string: Ciphertext password, which is a case-sensitive string of 33 to 53 characters.
plain: Sets a ciphertext password.
plain-string: Plaintext password, which is a case-sensitive string of 1 to 16 characters.
Usage guidelines
Use this command to enhance BFD session security.
For security purposes, all authentication passwords, including passwords configured in plain text, are saved in cipher text.
Examples
# Configure VLAN-interface 11 to perform simple authentication for single-hop BFD control packets, setting the authentication key ID to 1 and password to 123456.
<Sysname> system-view [Sysname] interface vlan-interface 11 [Sysname-Vlan-interface11] bfd authentication-mode simple 1 plain 123456