[x]

Tuning and optimizing IPv6 BGP networks > Enabling MD5 authentication for TCP connections

 

 Next

Enabling MD5 authentication for TCP connections

IPv6 BGP employs TCP as the transport protocol. To enhance security, configure IPv6 BGP to perform MD5 authentication when establishing a TCP connection. If the authentication fails, no TCP connection can be established.

The MD5 authentication for establishing TCP connections does not apply to BGP packets.

The MD5 authentication requires that the two parties have the same authentication mode and password to establish a TCP connection; otherwise, no TCP connection can be established due to authentication failure.

To enable MD5 authentication for TCP connections:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter BGP view.

bgp as-number

N/A

3. Enter IPv6 address family view.

ipv6-family

N/A

4. Enable MD5 authentication when establishing a TCP connection to the peer or peer group.

peer { ipv6-group-name | ipv6-address } password { cipher | simple } password

Not enabled by default.

prev

 

up

 next

Configuring the maximum number of ECMP routes 

home

 Applying an IPsec policy to an IPv6 BGP peer or peer group

© Copyright 2016 Hewlett Packard Enterprise Development LP