Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron

701

702

703

704

705

706

707

708

709

710

FastIron Configuration Guide 645

53-1002494-02

VSRP

Syntax: [no] vsrp auth-type no-auth | simple-text-auth <auth-data>

The auth-type no-auth parameter indicates that the VRID and the interface it is configured on do

not use authentication.

The auth-type simple-text-auth <auth-data> parameter indicates that the VRID and the interface it

is configured on use a simple text password for authentication. The <auth-data> value is the

password, and can be up to eight characters. If you use this parameter, make sure all interfaces on

all the devices supporting this VRID are configured for simple password authentication and use the

same password.

Configuring security features on a VSRP-aware device

This section shows how to configure security features on a VSRP-aware device. For an overview of

this feature, refer to “VSRP-aware security features” on page 639.

Specifying an authentication string for VSRP hello packets

The following configuration defines pri-key as the authentication string for accepting incoming

VSRP hello packets. In this example, the VSRP-aware device will accept all incoming packets that

have this authorization string.

Brocade(config)#vlan 10

Brocade(config-vlan-10)#vsrp-aware vrid 3 simple-text-auth pri-key

Syntax: vsrp-aware vrid <vrid number> simple text auth <string>

Specifying no authentication for VSRP hello packets

The following configuration specifies no authentication as the preferred VSRP-aware security

method. In this case, the VSRP device will not accept incoming packets that have authentication

strings.

Brocade(config)#vlan 10

Brocade(config-vlan-10)#vsrp-aware vrid 2 no-auth

Syntax: vsrp-aware vrid <vrid number> no-auth

The following configuration specifies no authentication for VSRP hello packets received on ports

1/1, 1/2, 1/3, and 1/4 in VRID 4. For these ports, the VSRP device will not accept incoming

packets that have authentication strings.

Brocade(config)#vlan 10

Brocade(config-vlan-10)#vsrp-aware vrid 4 no-auth port-list ethe 1/1 to 1/4

Syntax: vsrp-aware vrid <vrid number> no-auth port-list <port range>

<vrid number> is a valid VRID (from 1 to 255).

no-auth specifies no authentication as the preferred VSRP-aware security method. The VSRP

device will not accept incoming packets that have authentication strings.

simple-text-auth <string> specifies the authentication string for accepting VSRP hello packets,

where <string> can be up to 8 characters.

port-list <port range> specifies the range of ports to include in the configuration.