beautypg.com

Encrypting bgp4 md5 authentication keys, Encryption example – Brocade Multi-Service IronWare Routing Configuration Guide (Supporting R05.6.00) User Manual

Page 82

background image

54

Multi-Service IronWare Routing Configuration Guide

53-1003033-02

Configuring BGP4 neighbors

Encrypting BGP4 MD5 authentication keys

When you configure a BGP4 neighbor or neighbor peer group, you can specify an MD5
authentication string to authenticate packets exchanged with the neighbor or peer group of
neighbors.

For added security, by default, the software encrypts the display of the authentication string. The
software also provides an optional parameter to disable encryption of the authentication string, on
an individual neighbor or peer group basis. By default, MD5 authentication strings are displayed in
encrypted format in the output of the following commands:

show running-config (or write terminal)

show configuration

show ip bgp config

When encryption of the authentication string is enabled, the string is encrypted in the CLI
regardless of the access level you are using.

When you save the configuration to the startup configuration file, the file contains the new BGP4
command syntax and encrypted passwords or strings.

NOTE

It is recommended that you save a copy of the startup configuration file for each device you plan to
upgrade.

Encryption example

The following commands configure a BGP4 neighbor and a peer group, and specify MD5
authentication strings (passwords) to authenticate packets exchanged with the neighbor or peer
group.

Brocade(config-bgp)# show ip bgp route 10.1.44.0/24

Number of BGP Routes matching display condition : 1

Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED

E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH S:SUPPRESSED F:FILTERED

Prefix Next Hop MED LocPrf Weight Status

1 10.1.44.0/24 10.2.0.1 1 101 32768 BLS

AS_PATH:

Route is advertised to 1 peers:

10.1.0.2(4)

Brocade(config-bgp)# local-as 2

Brocade(config-bgp)# neighbor xyz peer-group

Brocade(config-bgp)# neighbor xyz password abc

Brocade(config-bgp)# neighbor 10.10.200.102 peer-group xyz

Brocade(config-bgp)# neighbor 10.10.200.102 password test

See also other documents in the category Brocade Computer Accessories: