I went through setting up BGP neighbor description & BGP neighbor passwords.
BGP Neighbor Description
The BGP Neighbor Description is just for your use to understand in a later point of time what you are dealing with & is very simple to configure;
R0(config)#ip routing
R0(config)#router bgp 100
R0(config-router)#neigh 10.1.10.1 remote-as 101
R0(config-router)#neigh 10.1.10.1 description connected to right side router
R0(config-router)#end
R0(config)#ip routing
R0(config)#router bgp 100
R0(config-router)#neigh 10.1.10.1 remote-as 101
R0(config-router)#neigh 10.1.10.1 desc
R0(config-router)#neigh 10.1.10.1 description connected to right side router
R0(config-router)#end
BGP Neighbor Password
Setting a password is also very simple & neat. Al you do is set the password & poof you have secure BGP connections. MD5 hashing is used.
R0(config-if)#router bgp 100
R0(config-router)#neighbor 10.1.10.1 password cisco
R0(config-router)#end
R0#
*Mar 1 00:31:12.555: %SYS-5-CONFIG_I: Configured from console by console
R0#
R0#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R0(config)#int s0/0
R0(config-if)#no shut
R0(config-if)#end
R0#
*Mar 1 00:31:54.275: %SYS-5-CONFIG_I: Configured from console by console
R0#
*Mar 1 00:31:55.835: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R0#
*Mar 1 00:31:56.839: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
*Mar 1 00:32:07.711: %BGP-5-ADJCHANGE: neighbor 10.1.10.1 Up
R0#
*Mar 1 00:33:08.375: %TCP-6-BADAUTH: Invalid MD5 digest from 10.1.10.1(179) to 10.1.10.100(12605)
*Mar 1 00:33:10.055: %TCP-6-BADAUTH: Invalid MD5 digest from 10.1.10.1(179) to 10.1.10.100(12605)
*Mar 1 00:33:13.135: %TCP-6-BADAUTH: Invalid MD5 digest from 10.1.10.1(179) to 10.1.10.100(12605)
*Mar 1 00:33:19.275: %TCP-6-BADAUTH: Invalid MD5 digest from 10.1.10.1(179) to 10.1.10.100(12605)
R0#
The message keeps popping until the other side is configured with the same password.
An interesting thing to note was that space is accepted in the password. so be careful when you issue a ? to see further options. i hit the point where a BGP notification was sent even though the password matched or @least appeared to have matched that's when I realized is had checked for context sensitive help & left a space in the end :)
Subscribe to:
Post Comments (Atom)
Top 7 popular posts on cciedash !
-
`There always comes a point where a design decision has to be made. When we connect ASA with the nexus switch, we have the option of making...
-
Well if you are like me relying on online racks to prepare for the lab then you are not going to be too happy !! With the introduction of C...
-
choosing rack rental for practice is vital. I have used cconlinelabs & was happy with their equipment. They had the 2800 for the routers...
-
Hope we all had a wonderful holiday with lots of fun . Well its the New Year, time to change things around & time to earn the CCIE I am ...
-
Nothing too fancy. Sticking to the basics. Eyeballing the version 1 stuff of IEWB. working out my weak areas. Going through some theory for ...
-
Cisco has been fast at implementing the near-TRILL standard calling it Fabricpath which is an easy and simple way of using all of the avail...
-
Few months ago I had listened to CCIE Security program manager Natalie Timms in a podcast by packetpushers . She hinted about the changes c...
No comments:
Post a Comment