configure msdp peer password

configure msdp peer [remoteaddr | all] password {none | {encrypted} encrypted_tcp_password | tcp_password } {vr vrname}

Description

This command configures a TCP RSA Data Security, Inc. MD5 Message-Digest Algorithm password for an MSDP peer.This command enables TCP RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication for a MSDP peer. When a password is configured, MSDP receives only authenticated MSDP messages from its peers. All MSDP messages that fail TCP RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication are dropped.

Syntax Description

peer all Specifies all MSDP peers.
remoteaddr Specifies the IP address of the MSDP peer.
none Removes the previously configured password.
encrypted Encrypts the password for RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication. To improve security, the password displays in encrypted format and cannot be seen as simple text. Additionally, the password is saved in encrypted format.
tcpPassword Specifies the password to use for RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication at the TCP level. The password must be an ASCII string with a maximum of 31 characters.
vrname Specifies the name of the virtual router to which this command applies. If a name is not specified, it is extracted from the current CLI context.

Defaults

By default, TCP RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication is disabled for the MSDP peer.

Usage Guidelines

We recommend that you enable TCP RSA Data Security, Inc. MD5 Message-Digest Algorithm authentication for all MSDP peers to protect MSDP sessions from attacks. You can execute this command only when the MSDP peer is disabled or when MSDP is globally disabled on that VR.

Example

The following example configures a password for the MSDP peer with the IP address 192.168.45.43, which automatically enables TCP MD5 authentication:

configure msdp peer 192.168.45.43 password test123

The following command removes the password:

configure msdp peer 192.168.45.43 password none

History

This command was first available in ExtremeXOS 12.0.

Platform Availability

This command is available on platforms that support the appropriate license. For complete information about software licensing, including how to obtain and upgrade your license and which licenses support the MSDP feature, see the Switch Engine v33.1.1 Licensing Guide document.