Table of Contents
Advertisement
neighbor 10.10.200.102 remote-as 1
neighbor 10.10.200.102 password 1 $on-o
Notice that the software has converted the commands that specify an authentication string into the new syntax
(described below), and has encrypted display of the authentication strings.
Command Syntax
Since the default behavior in software release 07.1.14 does not affect the BGP4 configuration itself but does
encrypt display of the authentication string, the CLI does not list the encryption options.
Syntax: [no] neighbor <ip-addr> | <peer-group-name> password [0 | 1] <string>
The <ip-addr> | <peer-group-name> parameter indicates whether you are configuring an individual neighbor or a
peer group. If you specify a neighbor's IP address, you are configuring that individual neighbor. If you specify a
peer group name, you are configuring a peer group.
The password <string> parameter specifies an MD5 authentication string for securing sessions between the
Layer 3 Switch and the neighbor. You can enter a string up to 80 characters long. The string can contain any
alphanumeric characters, but the first character cannot be a number. If the password contains a number, do not
enter a space following the number.
The 0 | 1 parameter is the encryption option, which you can omit (the default) or which can be one of the following.
•
0 – Disables encryption for the authentication string you specify with the command. The password or string is
shown as clear text in the output of commands that display neighbor or peer group configuration information.
•
1 – Assumes that the authentication string you enter is the encrypted form, and decrypts the value before
using it.
NOTE: If you want the software to assume that the value you enter is the clear-text form, and to encrypt display
of that form, do not enter 0 or 1. Instead, omit the encryption option and allow the software to use the default
behavior.
If you specify encryption option 1, the software assumes that you are entering the encrypted form of the password
or authentication string. In this case, the software decrypts the password or string you enter before using the
value for authentication. If you accidentally enter option 1 followed by the clear-text version of the password or
string, authentication will fail because the value used by the software will not match the value you intended to use.
Displaying the Authentication String
If you want to display the authentication string, enter the following commands:
BigIron(config)# enable password-display
BigIron(config)# show ip bgp neighbors
The enable password-display command enables display of the authentication string, but only in the output of the
show ip bgp neighbors command. Display of the string is still encrypted in the startup-config file and running-
config. Enter the command at the global CONFIG level of the CLI.
NOTE: The command also displays SNMP community strings in clear text, in the output of the show snmp
server command.
Adding a BGP4 Peer Group
A peer group is a set of BGP4 neighbors that share common parameters. Peer groups provide the following
benefits:
•
Simplified neighbor configuration – You can configure a set of neighbor parameters and then apply them to
multiple neighbors. You do not need to individually configure the common parameters individually on each
neighbor.
December 2000
Configuring BGP4
19 - 21
- Quick Links:
- Configuring Ip Addresses
Hide quick links:
Advertisement
Chapters
Table of Contents
