R0106-HP MSR Router Series Layer 3 - IP Routing Command Reference(V7)
231
Usage guidelines
When domain authentication mode and password are configured, a Level-2 or Level-1-2 router adds the
password in the specified mode into transmitted Level-2 packets (including LSPs, CSNPs, and PSNPs). It
also checks the password in the received Level-2 packets.
To prevent packet exchange failure in case of an authentication password change, configure IS-IS not to
check the authentication information in the received packets.
Examples
# Configure IS-IS not to check the authentication information in the received packets.
<Sysname> system-view
[Sysname] isis 1
[Sysname-isis-1] domain-authentication send-only
Related commands
• area-authentication send-only
• domain-authentication-mode
• isis authentication send-only
domain-authentication-mode
Use domain-authentication-mode to specify the routing domain authentication mode and a password.
Use undo domain-authentication-mode to restore the default.
Syntax
domain-authentication-mode { md5 | simple | gca key-id { hmac-sha-1 | hmac-sha-224 |
hmac-sha-256 | hmac-sha-384 | hmac-sha-512 } } { cipher cipher-string | plain plain-string } [ ip | osi ]
undo domain-authentication-mode
Default
No routing domain authentication or password is configured.
Views
IS-IS view
Predefined user roles
network-admin
Parameters
md5: Specifies the MD5 authentication mode.
simple: Specifies the simple authentication mode.
gca: Specifies the GCA mode.
key-id: Uniquely identifies an SA in the range of 1 to 65535. The sender inserts the Key ID into the
authentication TLV, and the receiver authenticates the packet by using the SA that is selected based on the
Key ID.
hmac-sha-1: Specifies the HMAC-SHA-1 algorithm.
hmac-sha-224: Specifies the HMAC-SHA-224 algorithm.
hmac-sha-256: Specifies the HMAC-SHA-256 algorithm.