R2511-HP MSR Router Series High Availability Command Reference(V5)
1
BFD configuration commands
bfd authentication-mode
Use bfd authentication-mode to configure the BFD authentication mode on the interface.
Use undo bfd authentication-mode to restore the default.
Syntax
bfd authentication-mode { md5 key-id [ cipher ] key | sha1 key-id [ cipher ] key | simple key-id [ cipher ]
password }
undo bfd authentication-mode
Default
No authentication is configured on an interface.
Views
Interface view
Default command level
2: System level
Parameters
md5: Specifies the MD5 authentication mode.
sha1: Specifies the SHA-1 authentication mode.
simple: Specifies the simple authentication mode.
key-id: Sets the authentication key ID in the range of 1 to 255.
cipher: Sets a ciphertext authentication key or password. If this keyword is not specified, you set a
plaintext authentication key or password.
key: Sets the MD5 or SHA-1 authentication key. This argument is case sensitive. It must be a plaintext
string of 1 to 16 characters or a ciphertext string of 33 to 53 characters.
password: Sets the password for simple authentication. This argument is case sensitive. It must be a
plaintext string of 1 to 16 characters or a ciphertext string of 33 to 53 characters.
Usage guidelines
For security purposes, all authentication passwords, including passwords configured in plain text, are
saved in cipher text.
The authentication mode, key-id, key (or password) used by both ends trying to establish a BFD session
must be the same. If one end changes its authentication mode, it sends the authentication packets in both
the new and the old mode at the same time until the other end also changes to the same authentication
mode.
Examples
# Configure Ethernet 1/1 to support MD5 authentication, setting the authentication key-id to 15 and
plaintext authentication key to BfdKey.
<Sysname> system-view