Key Chains; Overview - Avaya P580 User Manual

CLI Command

Key Chains

Overview

Document No. 650-100-700, Issue 1
Figure 14-4. Add Trusted RIP Neighbors Dialog Box
6. Enter the IP address for the node that acts as the trusted RIP neighbor in
Network Address field.
7. Click APPLY to save your changes, or CANCEL to restore previous
settings.
To create a trusted RIP neighbor using the CLI enter the following
command from Configure mode:
(configure)# route rip <cr>
(configure router rip)# neighbor <ip-addr>
In a full implementation of Key Chains, a Key Chain a set of Keys each
with its own set of parameters used for MD5 encryption. The parameters are
an encryption Key and the period of time that the key is valid. This key
must be identical on each device that will participate in an exchange of
information. In the case of RIP (version 2 only), routers can use MD5
encryption to ensure that only routing information packets (RIP packets)
from authorized routers are accepted.
In a simple implementation, the user creates one Key in a Key Chain and
this key is used until it expires.In an advanced implementation, a Key Chain
contains multiple keys each valid for a limited amount of time. This
provides a periodic change of the encryption key giving the highest level of
security. The drawback to this approach is that every device participating in
an exchange, such as RIP V2 routers on the same subnet, must have their
clocks synchronized. Failure to synchronize would cause devices to use
different keys and hence reject RIP updates from neighboring RIP routers.
Configuring RIP Routing
14-7