Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing domain. A router with the authentication configured encapsulates the password in the specified mode into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and password.
To configure routing domain authentication:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enter IS-IS view. | isis [ process-id ] [ vpn-instance vpn-instance-name ] | N/A |
3. Specify the routing domain authentication mode and password. | domain-authentication-mode { gca key-id { hmac-sha-1 | hmac-sha-224 | hmac-sha-256 | hmac-sha-384 | hmac-sha-512 } | md5 | simple } { cipher cipher-string | plain plain-string } [ ip | osi ] | By default, no routing domain authentication is configured. |