beautypg.com

Configuring ldp backoff, Configuring ldp md5 authentication – H3C Technologies H3C S6800 Series Switches User Manual

Page 40

background image

27

Step Command

Remarks

3.

Specify an LDP peer and enter
LDP peer view. The device will

send unsolicited Targeted
Hellos to the peer and can

respond to Targeted Hellos sent

from the targeted peer.

targeted-peer peer-lsr-id

By default, the device does not
send Targeted Hellos to or

receive Targeted Hellos from
any peer.

4.

Configure the Keepalive hold
time.

mpls ldp timer keepalive-hold
timeout

By default, the Keepalive hold
time is 45 seconds.

5.

Configure the Keepalive

interval.

mpls ldp timer keepalive-interval
interval

By default, the Keepalive interval
is 15 seconds.

6.

Configure the LDP transport
address.

mpls ldp transport-address
ip-address

By default, the LDP transport
address is the LSR ID of the local

device.

Configuring LDP backoff

If LDP session parameters (for example, the label advertisement mode) are incompatible, two LDP peers

cannot establish a session, and they will keep negotiating with each other.
The LDP backoff mechanism can mitigate this problem by using an initial delay timer and a maximum
delay timer. After LDP fails to establish a session with a peer LSR for the first time, LDP does not start an

attempt until the initial delay timer expires. If the session setup fails again, LDP waits for two times the

initial delay before the next attempt, and so forth until the maximum delay time is reached. After that, the

maximum delay time will always take effect.
To configure LDP backoff:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter LDP view or enter
LDP-VPN instance view.

Enter LDP view:
mpls ldp

Enter LDP-VPN instance view:

a.

mpls ldp

b.

vpn-instance

vpn-instance-name

N/A

3.

Configure the initial delay
time and maximum delay

time.

backoff initial initial-time maximum
maximum-time

By default, the initial delay time is
15 seconds and the maximum

delay time is 120 seconds.

Configuring LDP MD5 authentication

To improve security for LDP sessions, you can configure MD5 authentication for the underlying TCP

connections to check the integrity of LDP messages.
For two LDP peers to establish an LDP session successfully, make sure the LDP MD5 authentication

configurations on the LDP peers are consistent.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: