beautypg.com

Dldp authentication mode, Dldp processes – H3C Technologies H3C S12500 Series Switches User Manual

Page 50

background image

39

DLDP authentication mode

You can use DLDP authentication to prevent network attacks and illegal detecting. There are three

through DLDP authentication. Three DLDP authentication modes exist, as described below.

Non-authentication
The sending side sets the Authentication field and the Authentication type field of DLDP packets to
0. The receiving side checks the values of the two fields of received DLDP packets and drops the

packets where the two fields conflict with the corresponding local configuration.

Simple authentication
Before sending a DLDP packet, the sending side sets the Authentication field to the user-configured
password and sets the Authentication type field to 1.
The receiving side checks the values of the two fields in received DLDP packets and drops any
packets where the two fields conflict with the corresponding local configuration.

MD5 authentication
Before sending a packet, the sending side encrypts the user configured password using MD5
algorithm, assigns the digest to the Authentication field, and sets the Authentication type field to 2.
The receiving side checks the values of the two fields in received DLDP packets and drops any
packets where the two fields conflict with the corresponding local configuration.

DLDP processes

1.

On a DLDP-enabled link that is in up state, DLDP sends DLDP packets to the peer switch and
processes the DLDP packets received from the peer switch. DLDP packets sent vary with DLDP

states.

Table 14

lists DLDP states and their packet types.

Table 14 DLDP packet types and DLDP states

DLDP state

Type of DLDP packets sent

Active

Advertisement packet with RSY tag

Advertisement

Normal Advertisement packet

Probe Probe

packet

Disable Disable

packet

and

then RecoverProbe packet

NOTE:

A switch sends Flush packets when it transits to Initial state from Active, Advertisement, Probe, or
DelayDown state but does not send them when it transits to the Initial state from Inactive or Disable

state.

2.

A received DLDP packet is processed as follows:

{

In any of the three authentication modes, the packet is dropped if it fails to pass the
authentication.

{

The packet is dropped if the setting of the interval to send Advertisement packets it carries

conflicts with the corresponding local setting.

{

Other processes are shown in

Table 15

.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: