R0106-HP MSR Router Series MPLS Command Reference(V7)
57
Usage guidelines
To improve security for LDP sessions, you can configure MD5 authentication for the underlying TCP
connections to check the integrity of LDP messages.
The local LSR and the peer LSR must have the same key. Otherwise, they cannot establish a TCP
connection.
After you change the MD5 authentication key, the local LSR uses the new key to reestablish an LDP
session to the specified peer.
For security purposes, all keys, including keys configured in plain text, are saved in cipher text.
Examples
# Enable LDP MD5 authentication for peer 3.3.3.3 in the public network, and set a plaintext key of pass.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] md5-authentication 3.3.3.3 plain pass
Related commands
display mpls ldp peer
mpls ldp
Use mpls ldp to enable LDP globally and enter LDP view.
Use undo mpls ldp to disable LDP globally for an LSR and delete all LDP-VPN instances.
Syntax
mpls ldp
undo mpls ldp
Default
LDP is globally disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
You must enable LDP globally for an LSR to run LDP.
The NSR and GR commands, the session protection command, and the targeted-peer command are
available only in LDP view. All other commands available in LDP view are also available in LDP-VPN
instance view.
Commands executed in LDP view take effect only on the public network. Commands executed in LDP-VPN
instance view take effect only on the specified VPN instance. The NSR and GR commands are global
commands and take effect on all VPN instances and the public network.
Examples
# Enable LDP globally and enter LDP view.
<Sysname> System-view
[Sysname] mpls ldp