Key-Source Key-Chain - Cisco ASR 9000 Series Configuration Manual
Aggregation services router mpls
Hide thumbs
Also See for ASR 9000 Series:
- Command reference manual (1138 pages) ,
- Routing configuration manual (702 pages) ,
- Reference manual (696 pages)
Table of Contents
Advertisement
Key-source Key-chain
An SA is created dynamically when sending and receiving messages that require authentication. The neighbor,
source, and destination addresses are obtained either from the IP header or from an RSVP object, such as a
HOP object, and whether the message is incoming or outgoing.
When the SA is created, an expiration timer is created. When the SA authenticates a message, it is marked as
recently used. The lifetime timer periodically checks if the SA is being used. If so, the flag is cleared and is
cleaned up for the next period unless it is marked again.
This table shows how to locate the source and destination address keys for an SA that is based on the message
type.
Table 4: Source and Destination Address Locations for Different Message Types
Message Type
Path
PathTear
PathError
Resv
ResvTear
ResvError
ResvConfirm
Ack
Srefresh
Hello
Bundle
Related Topics
Specifying the Keychain for RSVP Neighbor Authentication, on page 93
RSVP Neighbor Authentication: Example, on page 103
Configuring a Lifetime for RSVP Neighbor Authentication, on page 94
RSVP Authentication Global Configuration Mode: Example, on page 102
Key-source Key-chain
The key-source key-chain is used to specify which keys to use.
Cisco ASR 9000 Series Aggregation Services Router MPLS Configuration Guide, Release 4.3.x
72
Source Address Location
HOP object
HOP object
HOP object
HOP object
HOP object
HOP object
IP header
IP header
IP header
IP header
—
Implementing RSVP for MPLS-TE
Destination Address Location
SESSION object
SESSION object
IP header
IP header
IP header
IP header
CONFIRM object
IP header
IP header
IP header
—
OL-28381-02
Advertisement
Table of Contents
