Enabling md5 authentication for tcp connections, Configuring bgp load balancing – H3C Technologies H3C SecPath F1000-E User Manual

467

To enable quick EBGP session reestablishment:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter BGP view.

bgp as-number

N/A

3.

Enable quick EBGP session
reestablishment.

ebgp-interface-sensitive

Optional.
Not enabled by default.

Enabling MD5 authentication for TCP connections

BGP employs TCP as the transport protocol. To enhance security, you can configure BGP to perform MD5

authentication when establishing a TCP connection. The two parties must have the same password

configured to establish TCP connections.
BGP MD5 authentication is not for BGP packets, but for TCP connections. If the authentication fails, no
TCP connection can be established.
To enable MD5 authentication for TCP connections:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter BGP view.

bgp as-number

N/A

3.

Enable MD5 authentication

when establishing a TCP
connection to the peer/peer

group.

peer { group-name | ip-address }
password { cipher | simple }

password

Optional.
Not enabled by default.

Configuring BGP load balancing

If multiple paths to a destination exist, you can configure load balancing over such paths to improve link

utilization.
To configure BGP load balancing:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter BGP view.

bgp as-number

N/A

3.

Configure the maximum number
of BGP routes for load

balancing.

balance number

Optional.
By default, load balancing is

not enabled.

Forbidding session establishment with a peer or peer group

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter BGP view.

bgp as-number

N/A