Configuring MD5 authentication on IPv6 VRRP-Ev3 interfaces

Interfaces can be configured with an MD5 encrypted password for authentication, and VRRP-Ev3 can use the same authentication type associated with the interfaces on which you define the virtual router.

Before you begin

VRRP Extended version 3 (VRRP-Ev3) must be configured on the device and the interface associated with a virtual router group.

About this task

Any VRRP-Ev3 packets that do not contain the password are dropped. If your interfaces do not use authentication, neither does VRRP-Ev3. Repeat this task on all interfaces on all devices that support the same virtual router group.

Note

Note

VRRP-E is supported on the devices described in this guide. In a mixed-device environment, consult your documentation for the other devices to determine if VRRP-E is supported.

Procedure

  1. From privileged EXEC mode, enter global configuration mode. 
    device# configure terminal
  2. Globally enable IPv6 VRRP-Ev3. 
    device(config)# ipv6 protocol vrrp-extended
  3. Configure the Virtual Ethernet (VE) interface link for the VRRP-E device. 
    device(config)# interface ve 20
    Only ve interfaces are supported by VRRP-E.
  4. Enter the MD5 password configuration using the ipv6 vrrp-extended auth-type command with a text password. The password will be encrypted when saved in the configuration file. 
    device(config-if-Ve-20)# ipv6 vrrp-extended auth-type md5-auth kfhb61qp
    When an MD5 authentication password is configured on an interface, a syslog message is displayed.
  5. Exit to privileged EXEC mode. 
    device(config-if-Ve-20)# end
  6. Display the VRRP-Ev3 configuration. In this example, only partial output is displayed to verify that MD5 authentication is configured. 
    device# show ipv6 vrrp

Total number of VRRP session(s)   : 1

VRID 1
  Interface: Ve 10;  Ifindex: 1207959562
  Mode: VRRPE
  Admin Status: Enabled
  Description :
  Address family: IPv6
  Version: 2
  Authentication type: MD5 Authentication
.
.
.

Example

The following example configures MD5 authentication for the specified VRRP-E interface. 

device# configure terminal
device(config)# ipv6 protocol vrrp-extended
device(config)# interface ve 20
device(config-if-Ve-20)# ipv6 vrrp-extended auth-type md5-auth kfhb61qp
device(config-if-Ve-20)# end
device# show ipv6 vrrp
9036959-00 Rev AA