beautypg.com

Brocade Multi-Service IronWare Routing Configuration Guide (Supporting R05.6.00) User Manual

Page 822

background image

794

Multi-Service IronWare Routing Configuration Guide

53-1003033-02

Configuring additional VRRP and VRRP-E parameters

To configure MD5 Authentication on VRRP-E IPv6, enter the following commands at the interface
level:

Brocade(config)#ipv6 vrrp-extended auth-type md5-auth ourpword

Syntax: ip | ipv6 vrrp-extended auth-type [ md5-auth string ]

The string variable specifies a text string that is used as an authentication password key. The
maximum length of the key string is limited to 64 characters.

SYSLOG and SNMP traps are generated in the event of a packet being dropped due to MD5
authentication failure.

When MD5 authentication is configured on an interface, the following syslog message is displayed:

Aug 10 18:17:39 VRRP6: Configuration VRRP_CONFIG_MD5_AUTHENTICATION request

received

Aug 10 18:17:39 VRRP6: Port 2/6, VRID 2 - send advertisement

Ver:3 Type:1 Vrid:2 Pri:240 #IP:1 AuthType:2 Adv:1 Chksum:0x0000

HMAC-MD5 CODE:[000000000000000000400010]

IpAddr: 2001:DB8::40:10

When MD5 authentication is valid on with it is VRRP-E peer, the following syslog message is
displayed:

Aug 10 18:48:51 VRRP6: Port 2/6, VRID 2 - rcvd advertisement from 200:160::40:1

Ver:3 Type:1 Vrid:2 Pri:255 #IP:1 AuthType:2 Adv:1 Chksum:0x0000

HMAC-MD5 CODE:[000000000000000000400010]

IpAddr: 200:160::40:10

NOTE

Using md5-authentication implies that the software need not run checksum verification on the
receiving router, and can rely on the authentication code (message digest 5 algorithm) to verify the
integrity of the VRRP-E message header.

Suppressing RIP advertisements on backup routers
for the backup up interface

Normally, a VRRP or VRRP-E backup includes route information for the virtual IP address in RIP
advertisements. As a result, other routers receive multiple paths for the backup router and might
sometimes unsuccessfully use the path to the backup router rather than the path to the Master.

You can prevent the backup routers from advertising route information for the interface on which
they are defined by enabling suppression of the advertisements.

To suppress RIP advertisements for interface on which a backup router is defined in Router2, enter
the following commands.

Brocade(config)# router rip

Brocade(config-rip-router)# use-vrrp-path

Syntax: [no] use-vrrp-path

The syntax is the same for VRRP and VRRP-E.

See also other documents in the category Brocade Computer Accessories: