Cli command, Key chains, Overview – Avaya 580 User Manual

Document No. 10-300077, Issue 2

14-7

Configuring RIP Routing

Figure 14-4. Add Trusted RIP Neighbors Web Page

6. Enter the IP address for the node that acts as the trusted RIP neighbor in

Network Address field.

7. Click APPLY to save your changes, or CANCEL to restore previous

settings.

CLI Command

To create a trusted RIP neighbor, use the following command:

(configure router:rip)#

neighbor

Key Chains

Overview

In a full implementation of Key Chains, a Key Chain a set of Keys each
with its own set of parameters used for MD5 encryption. The parameters are
an encryption Key and the period of time that the key is valid. This key
must be identical on each device that will participate in an exchange of
information. In the case of RIP (version 2 only), routers can use MD5
encryption to ensure that only routing information packets (RIP packets)
from authorized routers are accepted.

In a simple implementation, the user creates one Key in a Key Chain and
this key is used until it expires.In an advanced implementation, a Key Chain
contains multiple keys each valid for a limited amount of time. This
provides a periodic change of the encryption key giving the highest level of
security. The drawback to this approach is that every device participating in
an exchange, such as RIP V2 routers on the same subnet, must have their
clocks synchronized. Failure to synchronize would cause devices to use
different keys and hence reject RIP updates from neighboring RIP routers.