Is-is authentication configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

532

[RouterD-rip-1] undo summary

# Configure route redistribution from RIP to IS-IS on SecPath.

[SecPath-rip-1] quit

[SecPath] isis 1

[SecPath-isis-1] import-route rip level-2

# Display IS-IS routing information on Router C.

[RouterC] display isis route

Route information for ISIS(1)

-----------------------------

ISIS(1) IPv4 Level-1 Forwarding Table

-------------------------------------

IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags

--------------------------------------------------------------------------

10.1.1.0/24 10 NULL GE0/2 Direct D/L/-

10.1.2.0/24 10 NULL GE0/1 Direct D/L/-

192.168.0.0/24 10 NULL GE0/3 Direct D/L/-

Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set

ISIS(1) IPv4 Level-2 Forwarding Table

-------------------------------------

IPV4 Destination IntCost ExtCost ExitInterface NextHop Flags

--------------------------------------------------------------------------

10.1.1.0/24 10 NULL GE0/2 Direct D/L/-

10.1.2.0/24 10 NULL GE0/1 Direct D/L/-

192.168.0.0/24 10 NULL GE0/3 Direct D/L/-

10.1.4.0/24 10 NULL GE0/3 192.168.0.2 R/L/-

10.1.5.0/24 20 NULL GE0/3 192.168.0.2 R/L/-

10.1.6.0/24 20 NULL GE0/3 192.168.0.2 R/L/-

Flags: D-Direct, R-Added to RM, L-Advertised in LSPs, U-Up/Down Bit Set

IS-IS authentication configuration example

Network requirements

As shown in

Figure 300

, SecPath A, SecPath B, SecPath C and SecPath D reside in the same IS-IS routing

domain.
SecPath A, SecPath B, and SecPath C belong to Area 10, and SecPath D belongs to Area 20.
Configure neighbor relationship authentication between neighbors. Configure area authentication in
Area 10 to prevent untrusted routes from entering into the area. Configure routing domain authentication

on SecPath C and SecPath D to prevent untrusted routes from entering the routing domain.