Filtering Sources Of Routing Information; Managing Authentication Keys - Cisco ME 3400 Software Configuration Manual

Configuring Protocol-Independent Features

Filtering Sources of Routing Information

Because some routing information might be more accurate than others, you can use filtering to prioritize
information coming from different sources. An administrative distance is a rating of the trustworthiness
of a routing information source, such as a router or group of routers. In a large network, some routing
protocols can be more reliable than others. By specifying administrative distance values, you enable the
router to intelligently discriminate between sources of routing information. The router always picks the
route whose routing protocol has the lowest administrative distance.
the default administrative distances for various routing information sources.
Because each network has its own requirements, there are no general guidelines for assigning
administrative distances.
Beginning in privileged EXEC mode, follow these steps to filter sources of routing information:
Command
Step 1 configure terminal
Step 2 router {bgp | rip | ospf | eigrp}
Step 3 distance weight {ip-address {ip-address mask}}
[ip access list]
Step 4
end
Step 5 show ip protocols
Step 6 copy running-config startup-config
To remove a distance definition, use the no distance router configuration command.

Managing Authentication Keys

Key management is a method of controlling authentication keys used by routing protocols. Not all
protocols can use key management. Authentication keys are available for EIGRP and RIP Version 2.
Before you manage authentication keys, you must enable authentication. See the appropriate protocol
section to see how to enable authentication for that protocol. To manage authentication keys, define a
key chain, identify the keys that belong to the key chain, and specify how long each key is valid. Each
key has its own key identifier (specified with the key number key chain configuration command), which
is stored locally. The combination of the key identifier and the interface associated with the message
uniquely identifies the authentication algorithm and Message Digest 5 (MD5) authentication key in use.
You can configure multiple keys with life times. Only one authentication packet is sent, regardless of
how many valid keys exist. The software examines the key numbers in order from lowest to highest, and
uses the first valid key it encounters. The lifetimes allow for overlap during key changes. Note that the
router must know these lifetimes.
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
35-108
Chapter 35
Table 35-16 on page 35-98
Purpose
Enter global configuration mode.
Enter router configuration mode.
Define an administrative distance.
weight—The administrative distance as an integer from
10 to 255. Used alone, weight specifies a default
administrative distance that is used when no other
specification exists for a routing information source.
Routes with a distance of 255 are not installed in the
routing table.
(Optional) ip access list—An IP standard or extended
access list to be applied to incoming routing updates.
Return to privileged EXEC mode.
Display the default administrative distance for a
specified routing process.
(Optional) Save your entries in the configuration file.
Configuring IP Unicast Routing
shows
OL-9639-07