Alcatel-Lucent 7450 System Management Manual page 191

Description This command configures keys for send or receive stream directions.
Default
none
receive
Syntax receive
Context config>system>security>keychain>direction>uni
Description This command enables the receive nodal context. Entries defined under this context are used to
authenticate TCP segments that are being received by the router.
Default
none
send
Syntax send
Context config>system>security>keychain>direction>uni
Description This command specifies the send nodal context to sign TCP segments that are being sent by the router
to another device.
Default
none
entry
Syntax entry entry-id key [authentication-key | hash-key | hash2-key] [hash | hash2] algorithm
algorithm
no entry entry-id
Context config>system>security>keychain>direction>bi
config>system>security>keychain>direction>uni>receive
config>system>security>keychain>direction>uni>send
Description
This command defines a particular key in the keychain. Entries are defined by an entry-id. A key-
chain must have valid entries for the TCP Enhanced Authentication mechanism to work.
The no form of the command removes the entry from the keychain. If the entry is the active entry for
sending, then this will cause a new active key to be selected (if one is available using the youngest
key rule). If it is the ONLY possible send key, then the system will reject the command with an error
indicating the configured key is the only available send key.
If the key is one of the eligible keys for receiving, it will be removed. If the key is the ONLY possible
eligible key, then the command will not be accepted, and an error indicating that this is the only eligi-
ble key will be output.
The no form of the command deletes the entry.
7450 ESS System Mangement Guide
Security
Page 191