Ripv2 Text Authentication (Multiple Keys) - Allied Telesis SwitchBlade x908 Series Software Reference Manual
Switchblade x908/x900 series alliedware plus operating system software reference for version 5.3.1
Hide thumbs
Also See for SwitchBlade x908 Series:
- Hardware reference manual (65 pages) ,
- Software manual (56 pages) ,
- Installation and safety manual (55 pages)
Table of Contents
Advertisement
RIP Configuration
RIPv2 text authentication
(multiple keys)
This example illustrates text authentication of the routing information exchange process for RIP
using multiple keys. The routing devices in this example are Allied Telesis managed Layer 3
Switches. Switch 1 and Switch 2 are running RIP and exchanging routing updates. To configure
authentication on Switch 1, define a key chain, specify keys in the key chain and then define the
authentication string or passwords to be used by the keys. Set the time period during which it is
valid to receive or send the authentication key by specifying the accept and send lifetimes. After
defining the key string, specify the key chain (or the set of keys) that will be used for
authentication on each interface and also the authentication mode to be used.
Switch 1 accepts all packets that contain any key string that matches one of the key strings
included in the specified key chain (within the accept lifetime) on that interface. The key ID is
not considered for matching. For additional security, the accept lifetime and send lifetime are
configured such that every fifth day the key ID and key string changes. To maintain continuity,
the accept lifetimes should be configured to overlap. This will accommodate different time-
setup on machines. However, the send lifetime does not need to overlap and we recommend
not configuring overlapping send lifetimes.
Switch 1
awplus#configure terminal
awplus(config)#router rip
awplus(config-router)#network 10.10.10.0/24
awplus(config-router)#redistribute
connected
awplus(config-router)#exit
awplus(config)#key chain SUN
awplus(config-keychain)#key 10
awplus(config-keychain-key)#key-string
Secret
awplus(config-keychain-key)#accept-lifetime
12:00:00 Mar 2 2007 14:00:00 Mar 7 2007
awplus(config-keychain-key)#send-lifetime
12:00:00 Mar 2 2007 12:00:00 Mar 7 2007
awplus(config-keychain-key)#exit
31.6
port1.0.2
port1.0.1
10.10.11.10
10.10.10.10
Switch 1
Software Reference for SwitchBlade® x908, x900 and x600 Series Switches
TM
AlliedWare Plus
Operating System - Software Version 5.3.1
port1.0.2
10.10.10.50
Switch 2
Enter the Configure mode.
Define a RIP routing process and enter the Router
mode.
Associate network 10.10.10.0/24 with the RIP
process.
Enable redistributing of connected routes.
Exit the Router mode and return to the Configure
mode.
Enter the key chain management mode to add keys to
the key chain SUN.
Add authentication key ID (10) to the key chain SUN.
Specify a password (Secret) to be used by the specified
key.
Specify the time period during which authentication key
string Secret can be received. In this case, key string
Secret can be received from noon of March 2 to 2 pm
March 7, 2007.
Specify the time period during which authentication key
string Secret can be send. In this case, key string Secret
can be received from noon of March 2 to noon of
March 7, 2007.
Exit the keychain-key mode and return to
keychain mode.
port1.0.1
10.10.12.50
rip_4
C613-50007-01 REV B
- Quick Links:
- Thrash-Limiting
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
