Controlling MSDP peering connections

MSDP peers are interconnected over TCP (port number 639). You can tear down or re-establish MSDP peering connections to control SA message exchange between the MSDP peers. When the connection between two MSDP peers is torn down, SA messages are no longer delivered between them. The MSDP peers will not attempt to re-establish the connection. The configuration information, however, remains unchanged.

A TCP connection is required when one of the following conditions exists:

You can adjust the interval between MSDP peering connection attempts.

To enhance MSDP security, configure a password for MD5 authentication used by both MSDP peers to establish a TCP connection. If the MD5 authentication fails, the TCP connection cannot be established.


[IMPORTANT: ]

IMPORTANT:

The MSDP peers involved in MD5 authentication must be configured with the same authentication method and password. Otherwise, the authentication fails and the TCP connection cannot be established.


To control MSDP peering connections:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter MSDP view.

msdp [ vpn-instance vpn-instance-name ]

N/A

3. Tear down an MSDP peering connection.

shutdown peer-address

By default, an MSDP peering connection is active.

4. Configure the interval between MSDP peering connection attempts.

timer retry interval

The default setting is 30 seconds.

5. Configure MD5 authentication for both MSDP peers to establish a TCP connection.

peer peer-address password { cipher | simple } password

By default, MD5 authentication is not performed before a TCP connection is established.