Manualshelf

R3303-HP HSR6800 Routers High Availability Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
41424344454647484950
36
DLDP authentication mode
You can use DLDP authentication to prevent network attacks and illegal detecting. The following DLDP
authentication modes are available:
Non-authentication:
{ The sending side sets the Authentication field and the Authentication type field of DLDP packets
to 0.
{ The receiving side checks the values of the two fields of received DLDP packets and drops
packets where the two fields conflict with the corresponding local configuration.
Simple authentication:
{ Before sending a DLDP packet, the sending side sets the Authentication field to the user
configured password and sets the Authentication type field to 1.
{ The receiving side checks the values of the two fields in received DLDP packets and drops any
packets where the two fields conflict with the corresponding local configuration.
MD5 authentication:
{ Before sending a packet, the sending side encrypts the user configured password by using the
MD5 algorithm, assigns the digest to the Authentication field, and sets the Authentication type
field to 2.
{ The receiving side checks the values of the two fields in received DLDP packets and drops any
packets where the two fields conflicting with the corresponding local configuration.
DLDP processes
1. On a DLDP-enabled link that is in up state, DLDP sends DLDP packets to the peer device and
processes the DLDP packets received from the peer device. DLDP packets sent vary with DLDP
states.
Table 14 DLDP packet types and DLDP states
DLDP state T
yp
e of DLDP
p
ackets sent
Active Advertisement packet with RSY tag.
Advertisement Normal Advertisement packet.
Probe Probe packet.
Disable Disable packet and then RecoverProbe packet.
NOTE:
A
device sends Flush packets when it transits to Initial state from Active, Advertisement, Probe, or
DelayDown state, but does not send them when it transits to the Initial state from Inactive or Disable state.
2. DLDP processes the packet received from a neighbor in the following ways:
{ In any of the three authentication modes, drops the packet if it fails to pass authentication.
{ Drops the packet if it carries an advertisement interval different than the local setting.
{ Processes the packet and handles DLDP port state as shown in Table 15 depending on its type.