Step
3.
Specify the area
authentication mode and
password.
Configuring routing domain authentication
Routing domain authentication prevents untrusted routing information from entering into a routing
domain. A router with the authentication configured encapsulates the password in the specified mode
into Level-2 packets (LSP, CSNP, and PSNP) and check the password in received Level-2 packets.
All the routers in the backbone must have the same authentication mode and password.
To configure routing domain authentication:
Step
1.
Enter system view.
2.
Enter IS-IS view.
3.
Specify the routing domain
authentication mode and
password.
Configuring IS-IS GR
GR ensures forwarding continuity when a routing protocol restarts or an active/standby switchover
occurs.
Two routers are required to complete a GR process. The following are router roles in a GR process.
GR restarter—Graceful restarting router. It must have GR capability.
•
GR helper—A neighbor of the GR restarter. It assists the GR restarter to complete the GR process.
•
By default, the device acts as the GR helper.
Configure IS-IS GR on the GR restarter.
GR restarter uses the following timers:
T1 timer—Specifies the times that GR restarter can send a Restart TLV with the RR bit set. When
•
rebooted, the GR restarter sends a Restart TLV with the RR bit set to its neighbor. If the GR restarter
receives a Restart TLV with the RA set from its neighbor before the T1 timer expires, the GR process
starts. Otherwise, the GR process fails.
Command
area-authentication-mode { md5 |
simple | gca key-id { hmac-sha-1 |
hmac-sha-224 | hmac-sha-256 |
hmac-sha-384 | hmac-sha-512 } }
{ cipher cipher-string | plain
plain-string } [ ip | osi ]
Command
system-view
isis [ process-id ] [ vpn-instance
vpn-instance-name ]
domain-authentication-mode
{ md5 | simple | gca key-id
{ hmac-sha-1 | hmac-sha-224 |
hmac-sha-256 | hmac-sha-384 |
hmac-sha-512 } } { cipher
cipher-string | plain plain-string }
[ ip | osi ]
151
Remarks
By default, no area authentication
is configured.
Remarks
N/A
N/A
By default, no routing domain
authentication is configured.