Configuring Rsvp Authentication For An Interface - Cisco NCS 5500 Series Configuration Manual
Mpls ios xr release 6.2.x
Hide thumbs
Also See for NCS 5500 Series:
- Configuration manuals (268 pages) ,
- Configuration manual (172 pages) ,
- Hardware installation manual (146 pages)
Table of Contents
Advertisement
Implementing RSVP for MPLS-TE
Configuration Example
In this example, authentication parameters are configured globally on a router. The authentication parameters
including authentication key-chain, lifetime, and window size are configured. A valid key-chain should be
configured before performing this task.
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# key chain mpls-keys
RP/0/RP0/CPU0:router(config-mpls-keys)# exit
RP/0/RP0/CPU0:router(config)# rsvp authentication
RP/0/RP0/CPU0:router(config-rsvp-auth)# key-source key-chain mpls-keys
RP/0/RP0/CPU0:router(config-rsvp-auth)# life-time 2000
RP/0/RP0/CPU0:router(config-rsvp-auth)# window-size 33
Verification
Verify the configuration of authentication parameters using the following command.
RP/0/RP0/CPU0:router# show rsvp authentication detail
RSVP Authentication Information:
Source Address:
Destination Address:
Neighbour Address:
Interface:
Direction:
LifeTime:
LifeTime left:
KeyType:
Key Source:
Key Status:
KeyID:
Digest:
window-size:
Challenge:
TX Sequence:
Messages successfully authenticated:
Messages failed authentication:
Related Topics
•
Configuring RSVP Authentication for an Interface, on page 29
•
Configuring RSVP Authentication on a Neighbor, on page 30
•
RSVP for MPLS-TE Features- Details, on page 34
Configuring RSVP Authentication for an Interface
You can individually configure the values of RSVP authentication parameters including key-chain, life time,
and window size on an interface. Interface specific authentication parameters are used to secure specific
interfaces between two RSVP neighbors.
Configuration Example
This example configures authentication key-chain, life time for the security association, and window size on
an interface. A valid key-chain should be already configured to use it as part of this task.
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# rsvp interface HundredGigabitEthernet0/0/0/3
RP/0/RP0/CPU0:router(config-rsvp-if)# authentication
RP/0/RP0/CPU0:router(config-rsvp-if-auth)# key-source key-chain mpls-keys
RP/0/RP0/CPU0:router(config-rsvp-if-auth)# life-time 2000
3.0.0.1
3.0.0.2
3.0.0.2
HundredGigabitEthernet 0/0/0/3
Send
2000 (sec)
1305 (sec)
Static Global KeyChain
mpls-keys
No error
1
HMAC MD5 (16)
33
Not supported
5023969459702858020 (0x45b8b99b00000124)
245
0
MPLS Configuration Guide for Cisco NCS 5500 Series Routers, IOS XR Release 6.2.x
Configuring RSVP for MPLS-TE
29
Advertisement
Table of Contents
