Manualshelf

R3102-R3103-HP 6600/HSR6600 Routers MPLS Command Reference Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-XG TAA-compliant Router
351352353354355356357358359360
342
retrans-interval: Interval at which the interface retransmits LSAs, in the range of 1 to 8192 seconds. The
default is 5 seconds.
delay: Delay interval before the interface sends an LSA, in the range of 1 to 8192 seconds. The default
is 1 second.
simple [ cipher | plain ] password1: Uses simple authentication.
cipher: Sets a ciphertext key.
plain: Sets a plaintext key.
password1: Specifies the key string. This argument is case sensitive. If cipher is specified, it must be
a ciphertext string of 1 to 41 characters. If plain is specified, it must be a string of 1 to 8 characters.
If neither cipher nor plain is specified, you set a plaintext key string.
md5: Uses MD5 algorithm for authentication.
hmac-md5: Uses HMAC-MD5 algorithm for authentication.
key-id: Authentication key ID of the interface, in the range of 1 to 255. It must be the same as that of the
peer.
cipher: Sets a ciphertext key.
plain: Sets a plaintext key.
password2: Specifies the key string. This argument is case sensitive. If cipher is specified, it must be
a ciphertext string of 1 to 53 characters. If plain is specified, it must be a string of 1 to 16 characters.
If neither cipher nor plain is specified, you can set a plaintext key of 1 to 16 characters or a
ciphertext key of 33 to 53 characters.
Usage guidelines
If two PEs belong to the same AS and a backdoor link is present, a sham link can be established between
them.
No matter which of the simple and the MD5/HMAC-MD5 authentication is used, for security purposes,
all authentication keys, including keys configured in plain text, are saved in cipher text to the
configuration file.
This command can configure MD5 or simple authentication for a sham link, but not both. For MD5/
HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times,
but a key-id can correspond with only one key.
If you configure an authentication mode for a sham link, this mode is used no matter whether a mode is
configured for the OSPF area where the sham link resides.
If you do not configure an authentication mode for a sham link but configure one for the OSPF area
where the sham link resides, the mode for the OSPF area is used.
Examples
# Create a sham link with the source address of 1.1.1.1 and the destination address of 2.2.2.2.
<Sysname> system-view
[Sysname] ospf
[Sysname-ospf-1] area 0
[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2
tnl-policy (VPN instance view/IPv4 VPN view)
Use tnl-policy to associate the current VPN instance with a tunneling policy.