CCIE Practical Studies: Security (CCIE Self-Study)

Configuring IS-IS Authentication

IS-IS gives you three options for authentication of LSPs—authentication of a specified interface or link, of an area, or of a domain—and can be used in combinations of the three. Routers that want to become neighbors must exchange the same password for the level of authentication that is configured on the router. Currently, IS-IS supports only a simple password mechanism that does not guarantee against hostile attacks. However, authentication functions are extensible, so a stronger cryptographically based security scheme can be added in the future.

The authentication information is encoded as a Type Length Value (TLV) triple in the LSP. The type of the authentication TLV is 10, the length of the TLV is variable, ...

Get CCIE Practical Studies: Security (CCIE Self-Study) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CCIE Practical Studies: Security (CCIE Self-Study) by Dmitry Bokotey, Andrew G. Mason, Raymond Morrow

Configuring IS-IS Authentication

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly