Brocade Multi-Service IronWare Multiprotocol Label Switch (MPLS) Configuration Guide (Supporting R05.6.00)
53-1003031-02
The user can control how often the Path and Resv messages are sent by setting the refresh
interval. By default, the refresh interval is 30 seconds. The user can set the refresh interval from
zero through 2147483 seconds.
Use the following commands to set the refresh interval to 20 seconds.
Brocade(config-mpls)# rsvp
Brocade(config-mpls-rsvp)# refresh-interval 20
Syntax: [no] refresh-interval seconds
Configuring the RSVP refresh multiple
When refresh messages are not received, RSVP path states and resource reservations are
removed from the routers in an LSP. By default, the device waits the length of three refresh
intervals; when no refresh message is received by the end of that time, the path state or resource
reservation is removed.
The refresh multiple is the number of refresh intervals that must elapse without a refresh message
before a path state or resource reservation times out. By default, the refresh multiple is three
intervals. The user can set the refresh multiple from zero through 65535 intervals.
Use the following commands to set the refresh multiple to five intervals.
Brocade(config-mpls)# rsvp
Brocade(config-mpls-rsvp)# refresh-multiple 5
Syntax: [no] refresh-multiple intervals
RSVP message authentication
Support was added for RSVP message authentication using MD5 as described in RFC 2747. It is
implemented on the Brocade devices to prevent spoofing of RSVP messages. RFC 2747 defines the
use of a message digest carried in the RSVP INTEGRITY object. This object carries the following
information:
• Key ID: An 8-bit number unique to a given sender
• Sequence Number: A 64-bit monotonically increasing sequence number
• Keyed Message Digest: As implemented here using MD5, it is a 16-bit message digest
In order to support RFC 2747, this implementation supports the following:
• An authentication type using the MD5 cryptographic algorithm
• An authentication key for use with the authentication algorithm
• An authentication window of one (1), which specifies that the maximum number of
authenticated messages that can be received out of order is one (1).
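The receiver-side checks that these INTEGRITY fields make possible, as an added example (not taken from the Brocade guide or from Brocade code): a simplified Python model that verifies the keyed digest and then enforces a window of one. It assumes HMAC-MD5 for the digest, a made-up field packing rather than the RSVP wire format, and that a window of one means only sequence numbers above the highest accepted value pass; `sign`, `Receiver` and `demo` are hypothetical names.

```python
import hashlib
import hmac
import struct

# Simplified model: this field packing is an assumption, not the RSVP wire format.


def sign(key: bytes, key_id: int, seq: int, payload: bytes) -> bytes:
    """Keyed digest a sender would carry in the INTEGRITY object (HMAC-MD5 assumed)."""
    header = struct.pack("!QQ", key_id, seq)  # Key ID, then 64-bit Sequence Number
    return hmac.new(key, header + payload, hashlib.md5).digest()


class Receiver:
    def __init__(self, keys: dict):
        self.keys = keys        # key_id -> shared authentication key
        self.highest_seq = {}   # key_id -> highest sequence number accepted

    def accept(self, key_id: int, seq: int, payload: bytes, digest: bytes) -> str:
        key = self.keys.get(key_id)
        if key is None:
            return "reject: unknown key id"
        # Check the digest first so forged traffic can never move the window.
        if not hmac.compare_digest(sign(key, key_id, seq, payload), digest):
            return "reject: bad digest"
        # Window of one (assumed reading): only a sequence number above the
        # highest accepted so far passes, so replays and late arrivals are dropped.
        if seq <= self.highest_seq.get(key_id, -1):
            return "reject: stale sequence number"
        self.highest_seq[key_id] = seq
        return "accept"


def demo() -> list:
    key = b"constructed-shared-key"  # constructed sample key
    rx = Receiver({1: key})
    path = b"constructed Path message body"  # stand-in for real RSVP content
    msgs = [
        (1, 10, path, sign(key, 1, 10, path)),           # genuine
        (1, 10, path, sign(key, 1, 10, path)),           # replay of the same message
        (1, 11, path, sign(b"wrong-key", 1, 11, path)),  # spoofed with the wrong key
        (1, 12, path, sign(key, 1, 12, path)),           # genuine, newer
        (1, 11, path, sign(key, 1, 11, path)),           # genuine but arrives late
    ]
    return [rx.accept(*m) for m in msgs]


if __name__ == "__main__":
    print("\n".join(demo()))
```

Because the digest is verified before the sequence number is recorded, a forged message with a very large sequence number cannot lock out later genuine refreshes.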
Configuring RSVP message authentication
RSVP message authentication is disabled by default. This authentication method uses MD5 and is
configured within the MPLS configuration mode.