Avaya Configuring IP Exterior Gateway Protocols (BGP and EGP) Instrukcja Użytkownika Strona 105
- Strona / 276
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
Configuring BGP Peers
308628-15.0 Rev 00
4-23
When you enable BGP-4 TCP MD5 authentication, the router computes an MD5
signature for each TCP packet, based on the TCP packet and a per-peer secret key.
The router adds this MD5 signature to the TCP packet containing a BGP message
and sends it with the packet, but it does not send the secret key.
The receiver of the TCP packet also knows the secret key and can verify the MD5
signature. A third party trying to masquerade as the sender, however, cannot
generate an authentic signature because it does not know the secret key.
The per-peer secret keys provide the security. If the keys are compromised (for
example, by transfer of the configuration file), then the authentication itself is
compromised. To prevent this, the secret keys can be stored in encrypted form in
the configuration file and the MIB, using the Technician Interface secure shell to
encrypt the per-peer secret keys. The secure shell uses DES to encrypt the secret
keys, and the DES key (the NPK/MEK) is stored in the router’s nonvolatile RAM
(NVRAM).
Use the Technician Interface secure shell to enter the message encryption key/
node protection key (NPK/MEK) value before you set the MD5 authentication
parameters. For information about the Technician Interface secure shell, see
Configuring IPsec Services. You can enter the authentication keys using the BCC
or Site Manager.
Entering and Storing MD5 Authentication Keys
To configure BGP TCP MD5 authentication, set the wfBgpPeerTcpAuthentication
MIB object to MD5. You can then enter an optional, variable-length ASCII
authentication key for each BGP-4 peer. This key is stored in the
wfBgpPeerTcpMd5Key MIB object. Setting the authentication key also enables
authentication for the peer connection. Both peers must be configured with the
same authentication key.
When an authentication key is stored in the MIB or the configuration file, it can
optionally be encrypted using DES with the NPK/MEK key, as selected by the
wfBgpPeerTcpMd5KeyStorage MIB object.
- Configuring IP Exterior 1
- Gateway Protocols 1
- (BGP and EGP) 1
- Trademarks 2
- Restricted Rights Legend 2
- Statement of Conditions 2
- Contents 5
- 308628-15.0 Rev 00 6
- Before You Begin 15
- Text Conventions 16
- Set Trap Monitor Filters 17
- Acronyms 18
- Related Publications 20
- How to Get Help 21
- Chapter 1 23
- Border Gateway Protocol (BGP) 25
- BGP Concepts and Terminology 26
- Peer-to-Peer Sessions 27
- Interior BGP Routing 28
- IBGP Route Reflector 29
- Equal-Cost Multipath 30
- BGP Updates 30
- Path Attributes 31
- BGP/OSPF Interaction 32
- BGP-4 Confederations 33
- BGP Implementation Notes 34
- Chapter 2 37
- Starting BGP and EGP Services 37
- Deleting EGP from the Router 43
- Chapter 3 45
- Disabling and Reenabling BGP 46
- Supplying a BGP Router ID 48
- Identifying the Local AS 49
- Enabling Multihop Connections 57
- Figure 3-1. BGP Confederation 67
- Selection 69
- Best-Route Selection 71
- Chapter 4 83
- Negotiating the BGP Version 88
- Keeping the Connection Alive 90
- Specifying a Holddown Time 93
- 2.2.2.5: 95
- Setting the Route Echo Switch 100
- Configuring BGP Peers 103
- 308628-15.0 Rev 00 104
- Using Site Manager 109
- Chapter 5 111
- Topic Page 112
- Examples 118
- Announce Policy Guidelines 123
- Chapter 6 139
- Configuring a Route Reflector 139
- Configuring an RR Client 148
- Chapter 7 151
- Chapter 8 161
- Customizing EGP Services 161
- EGP Concepts and Terminology 162
- EGP Implementation Notes 165
- Customizing EGP on the Router 166
- Configuring a Neighbor 167
- Specifying the Gateway Mode 169
- Choosing the Acquisition Mode 171
- Choosing the Poll Mode 172
- Setting Neighbor Timers 173
- Appendix A 175
- Site Manager Parameters 175
- BGP Parameters 176
- BGP Configuration Parameters 177
- BGP Global Parameters 178
- BGP-3 Global Parameter 185
- BGP-4 Global Parameter 185
- BGP Peer Parameters 185
- BGP Event Message Parameters 198
- EGP Parameters 199
- EGP Neighbor Parameters 200
- Routing Policy Parameters 203
- Appendix B 257
- Regular Expression Symbols 268
Powiązane produkty i podręczniki dla Oprogramowanie Avaya Configuring IP Exterior Gateway Protocols (BGP and EGP)
Oprogramowanie Avaya Connecting BayStack AN and ANH Platforms to a Network Instrukcja Użytkownika
(168 strony)
(168 strony)
Oprogramowanie Avaya Advanced Paging Productivity Pack Configuration Instrukcja Użytkownika
(32 strony)
(32 strony)
Oprogramowanie Avaya Configuring and Troubleshooting Bay Dial VPN (DVS) Networks Instrukcja Użytkownika
(190 strony)
(190 strony)
Oprogramowanie Avaya R4.3 Instrukcja Użytkownika
(368 strony)
(368 strony)
Oprogramowanie Avaya Read Me First: Router Software 11.02 and Site Manager 5.02 Instrukcja Użytkownika
(10 strony)
(10 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.058 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji