Step
3.
Specify the authentication
mode and password.
Configuring area authentication
Area authentication prevents the router from installing routing information from untrusted routers into the
Level- 1 LSDB. The router encapsulates the authentication password in the specified mode in Level- 1
packets (LSP, CSNP, and PSNP) and checks the password in received Level- 1 packets.
Routers in a common area must have the same authentication mode and password.
To configure area authentication:
Step
1.
Enter system view.
2.
Enter IS-IS view.
3.
Specify the area
authentication mode and
password.
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing
domain. A router with the authentication configured encapsulates the password in the specified mode
into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and password.
To configure routing domain authentication:
Step
1.
Enter system view.
2.
Enter IS-IS view.
Command
isis authentication-mode { md5 | simple |
gca key-id { hmac-sha-1 | hmac-sha-224
| hmac-sha-256 | hmac-sha-384 |
hmac-sha-512 } } { cipher cipher-string |
plain plain-string } [ level-1 | level-2 ] [ ip
| osi ]
Command
system-view
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
area-authentication-mode { md5 |
simple | gca key-id { hmac-sha-1 |
hmac-sha-224 | hmac-sha-256 |
hmac-sha-384 | hmac-sha-512 } }
{ cipher cipher-string | plain
plain-string } [ ip | osi ]
Command
system-view
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
131
Remarks
By default, no authentication
is configured.
Remarks
N/A
N/A
By default, no area authentication
is configured.
Remarks
N/A
N/A