bfd authentication-mode

Use bfd authentication-mode to configure the BFD authentication mode for single-hop BFD control packets.

Use undo bfd authentication-mode to restore the default.

Syntax

bfd authentication-mode simple key-id { cipher cipher-string | plain plain-string }

undo bfd authentication-mode

Default

Single-hop BFD control packets are not authenticated.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

simple: Specifies the simple authentication mode.

key-id: Sets the authentication key ID in the range of 1 to 255.

cipher: Sets a ciphertext password.

cipher-string: Ciphertext password, which is a case-sensitive string of 33 to 53 characters.

plain: Sets a ciphertext password.

plain-string: Plaintext password, which is a case-sensitive string of 1 to 16 characters.

Usage guidelines

Use this command to enhance BFD session security.

For security purposes, all authentication passwords, including passwords configured in plain text, are saved in cipher text.

Examples

# Configure VLAN-interface 11 to perform simple authentication for single-hop BFD control packets, setting the authentication key ID to 1 and password to 123456.

<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd authentication-mode simple 1 plain 123456