VRRP and VRRP-E authentication types
This section describes VRRP and VRRP-E authentication parameters.
Configuring authentication type
The Brocade implementation of VRRP and VRRP-E supports the following authentication types for authenticating VRRP and VRRP-E
traffic:
•
No authentication - The interfaces do not use authentication. This is the default for VRRP and VRRP-E both for IPv4 and IPv6.
•
Simple - The interfaces use a simple text-string as a password in packets sent on the interface.
•
All interfaces on the same VRID must use the same authentication type and the same password.
IPv4 VRRP-E and IPv6 VRRP-E supports the following authentication type:
•
HMAC-MD5-96
- The interfaces use HMAC-MD5-96 authentication for VRRP-E packets.
NOTE
HMAC-MD5-96 authentication is not supported for VRRP.
To configure the VRID interface on Switch 1 for simple password authentication using the password "ourpword", enter the following
commands.
Configuring Switch 1
device Switch1(config)#interface ethernet 1/1/6
device Switch1(config-if-1/1/6)#ip vrrp auth-type simple-text-auth ourpword
VRRP syntax
Syntax:
auth-type
no-auth
|
simple-text-auth
auth-data
The
auth-type no-auth
option indicates that the VRID and the interface it is configured on do not use authentication.
The
simple-text-auth
auth-data
option indicates that the VRID and the interface it is configured on use a simple text password for
authentication. The
auth-data
variable is the password. If you use this variable, make sure all interfaces on all the routers supporting this
VRID are configured for simple password authentication and use the same password.
NOTE
For VRRP v3, authentication is deprecated by RFC 5768.
VRRP-E syntax
For IPv4 VRRP-E:
Syntax:
ip vrrp-extended
auth-type
no-auth
|
simple-text-auth
auth-data
|
md5-auth
[
0
|
1
]
key
For IPv6 VRRP-E:
Syntax:
ipv6 vrrp-extended
auth-type
no-auth
|
simple-text-auth
auth-data
|
md5-auth
[
0
|
1
]
key
The values for the
no-auth
and
simple-text-auth
auth-data
options are the same as for VRRP.
The
md5-auth
option configures the interface to use HMAC-MD5-96 for VRRP-E authentication.
Additional VRRP and VRRP-E parameter configuration
FastIron Ethernet Switch Layer 3 Routing
53-1003627-04
529
Summary of Contents for FastIron SX 1600
Page 2: ...FastIron Ethernet Switch Layer 3 Routing 2 53 1003627 04 ...
Page 16: ...FastIron Ethernet Switch Layer 3 Routing 16 53 1003627 04 ...
Page 20: ...FastIron Ethernet Switch Layer 3 Routing 20 53 1003627 04 ...
Page 142: ...FastIron Ethernet Switch Layer 3 Routing 142 53 1003627 04 ...
Page 150: ...FastIron Ethernet Switch Layer 3 Routing 150 53 1003627 04 ...
Page 200: ...FastIron Ethernet Switch Layer 3 Routing 200 53 1003627 04 ...
Page 214: ...FastIron Ethernet Switch Layer 3 Routing 214 53 1003627 04 ...
Page 350: ...FastIron Ethernet Switch Layer 3 Routing 350 53 1003627 04 ...
Page 476: ...FastIron Ethernet Switch Layer 3 Routing 476 53 1003627 04 ...
Page 588: ...FastIron Ethernet Switch Layer 3 Routing 588 53 1003627 04 ...