Displaying And Maintaining Keychain; Keychain Configuration Example; Network Requirements; Configuration Procedure - HPE Moonshot 45Gc Security Configuration Manual

Displaying and maintaining keychain

Execute display commands in any view.
Task
Display keychain information.

Keychain configuration example

Network requirements

As shown in
and use a keychain to authenticate packets between the switches. Configure key 1 and key 2 for the
keychain and make sure key 2 is used immediately when key 1 expires.
Figure 139 Network diagram

Configuration procedure

Configuring Switch A
# Configure IPv6 addresses for interfaces. (Details not shown.)
# Configure OSPFv3.
<SwitchA> system-view
[SwitchA] ospfv3 1
[SwitchA-ospfv3-1] router-id 1.1.1.1
[SwitchA-ospfv3-1] quit
[SwitchA] interface vlan-interface 100
[SwitchA-Vlan-interface100] ospfv3 1 area 0
[SwitchA-Vlan-interface100] quit
# Create a keychain named abc, and specify the absolute time mode for it.
[SwitchA] keychain abc mode absolute
# Create key 1 for the keychain abc, specify an authentication algorithm, and configure a key string
and the sending and receiving lifetimes for the key.
[SwitchA-keychain-abc] key 1
[SwitchA-keychain-abc-key-1] authentication-algorithm hmac-sha-256
[SwitchA-keychain-abc-key-1] key-string plain 123456
[SwitchA-keychain-abc-key-1] send-lifetime utc 10:00:00 2015/02/06 to 11:00:00 2015/02/06
[SwitchA-keychain-abc-key-1] accept-lifetime utc 10:00:00 2015/02/06 to 11:00:00
2015/02/06
[SwitchA-keychain-abc-key-1] quit
# Create key 2 for the keychain abc, specify an authentication algorithm, and configure a key string
and the sending and receiving lifetimes for the key.
Command
display keychain [ name keychain-name [ key key-id ] ]
Figure 139, establish an OSPFv3 neighbor relationship between Switch A and Switch B,
471