Manualshelf

Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron
1411141214131414141514161417141814191420
FastIron Configuration Guide 1359
53-1002494-02
Basic configuration tasks required for BGP4
Encryption of BGP4 MD5 authentication keys
When you configure a BGP4 neighbor or neighbor peer group, you can specify an MD5
authentication string for authenticating packets exchanged with the neighbor or peer group of
neighbors.
For added security, the software encrypts display of the authentication string by default. The
software also provides an optional parameter to disable encryption of the authentication string, on
an individual neighbor or peer group basis. By default, the MD5 authentication strings are
displayed in encrypted format in the output of the following commands:
show running-config (or write terminal)
show configuration
show ip bgp config
When encryption of the authentication string is enabled, the string is encrypted in the CLI
regardless of the access level you are using.
If you display the running-config after reloading, the BGP4 commands that specify an
authentication string show the string in encrypted form.
In addition, when you save the configuration to the startup-config file, the file contains the new
BGP4 command syntax and encrypted passwords or strings.
NOTE
Brocade recommends that you save a copy of the startup-config file for each switch you plan to
upgrade.
Encryption example
The following commands configure a BGP4 neighbor and a peer group, and specify MD5
authentication strings (passwords) for authenticating packets exchanged with the neighbor or peer
group.
Here is how the commands appear when you display the BGP4 configuration commands.
Notice that the software has converted the commands that specify an authentication string into
the new syntax (described below), and has encrypted display of the authentication strings.
Brocade(config-bgp-router)#local-as 2
Brocade(config-bgp-router)#neighbor xyz peer-group
Brocade(config-bgp-router)#neighbor xyz password abc
Brocade(config-bgp-router)#neighbor 10.10.200.102 peer-group xyz
Brocade(config-bgp-router)#neighbor 10.10.200.102 password test
Brocade#show ip bgp config
Current BGP configuration:
router bgp
local-as 2
neighbor xyz peer-group
neighbor xyz password 1 $!2d
neighbor 10.10.200.102 peer-group xyz
neighbor 10.10.200.102 remote-as 1
neighbor 10.10.200.102 password 1 $on-o