bfd authentication-mode
Use bfd authentication-mode to configure the BFD authentication mode for single-hop BFD control packets.
Use undo bfd authentication-mode to restore the default.
Syntax
bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | plain plain-string }
undo bfd authentication-mode
Default
Single-hop BFD control packets are not authenticated.
Views
Interface view, BFD template view
Predefined user roles
network-admin
Parameters
m-md5: Specifies the Meticulous MD5 algorithm.
m-sha1: Specifies the Meticulous SHA1 algorithm.
md5: Specifies the MD5 algorithm.
sha1: Specifies the SHA1 algorithm.
simple: Specifies the simple authentication mode.
key-id: Sets the authentication key ID in the range of 1 to 255.
cipher: Sets a ciphertext password.
cipher-string: Ciphertext password, which is a case-sensitive string of 33 to 53 characters.
plain: Sets a ciphertext password.
plain-string: Plaintext password, which is a case-sensitive string of 1 to 16 characters.
Usage guidelines
Use this command to enhance BFD session security.
For security purposes, all authentication passwords, including passwords configured in plain text, are saved in cipher text.
Examples
# Configure VLAN-interface 11 to perform simple authentication for single-hop BFD control packets, setting the authentication key ID to 1 and password to 123456.
<Sysname> system-view [Sysname] interface vlan-interface 11 [Sysname-Vlan-interface11] bfd authentication-mode simple 1 plain 123456