The following task shows how to configure BGP dynamic neighbors using address range with Message Digest 5 (MD5) authentication.
Router# configure
Router(config)# router bgp as-number
Router(config-bgp)# neighbor address prefix
Router(config-bgp-nbr)# remote-as as-number
Router(config-bgp-nbr)# password {clear | encrypted} password
Router(config-bgp-nbr)# update-source interface
Router(config-bgp-nbr)# address-family ipv4 unicast
Router# commit
Running Configuration
Router# show running-config router bgp
router bgp 100
address-family ipv4 unicast
!
neighbor 12.12.12.0/24
remote-as 100
password encrypted 053816063349401D
update-source TenGigE0/0/0/5
address-family ipv4 unicast
!
!
!
Configuring EA Authentication
The following task shows how to configure the EA authentication.
Note
|
Configuring EA authentication is a prerequisite for configuring BGP dynamic neighbors with EA authentication.
|
RP/0/RP0/CPU0:R1(config)# key chain bgp_ea
RP/0/RP0/CPU0:R1(config-bgp_ea)# key 1
RP/0/RP0/CPU0:R1(config-bgp_ea-1)# accept-lifetime 00:00:00 january 01 2019 infinite
RP/0/RP0/CPU0:R1(config-bgp_ea-1)# key-string bgp_ea_key
RP/0/RP0/CPU0:R1(config-bgp_ea-1)# send-lifetime 00:00:00 january 01 2019 infinite
RP/0/RP0/CPU0:R1(config-bgp_ea-1)# cryptographic-algorithm HMAC-SHA1-12
RP/0/RP0/CPU0:R1(config-bgp_ea-1)# root
RP/0/RP0/CPU0:R1(config)# commit
Sat Sep 5 10:30:37.219 UTC
RP/0/RP0/CPU0:R1(config)# show run key chain
Sat Sep 5 10:30:41.976 UTC
key chain bgp_ea
key 1
accept-lifetime 00:00:00 january 01 2019 infinite
key-string password 01110114640E07302A4957
send-lifetime 00:00:00 january 01 2019 infinite
cryptographic-algorithm HMAC-SHA1-12
!
!
RP/0/RP0/CPU0:R1# show install active summary
Sat Sep 5 10:36:51.537 UTC
Active Packages: XR: 115 All: 1080
Label: 7.0.1
Optional Packages Version
---------------------------------------------------- ---------------------------
xr-bgp 7.0.1v1.0.0-1
The following task shows how to configure BGP dynamic neighbors using address range with EA authentication.
Router# configure
Router(config)# router bgp as-number
Router(config-bgp)# neighbor address prefix
Router(config-bgp-nbr)# remote-as as-number
Router(config-bgp-nbr)# keychain bgp_ea
Router(config-bgp-nbr)# address-family ipv4 unicast
Router(config-bgp-nbr)# route-policy name
Router(config-bgp-nbr)# route-policy name
Router# commit
Running Configuration
router bgp 100
neighbor 6.1.1.2
remote-as 200
keychain bgp_ea
address-family ipv4 unicast
route-policy bgp_policy in
route-policy bgp_policy out
!