Neighbor Authentication
As with other protocols, we
can force BGP to authenticate other routers with a password. All
passwords are scrambled using an MD5 message digest. On the network
in Figure 10-1, we can enable password
authentication between office-r1
and
office-r2
by adding the
password
command to our BGP configuration. On
office-r1
, we add the neighbor
...
password
command after the
neighbor
... remote-as
command.
You must configure the same password on both routers, or they
can’t communicate with BGP. Here’s the configuration for
office-r1
:
router bgp 3000 neighbor 192.168.3.2 remote-as 3000 neighbor 192.168.3.2 password letmein
The same goes for office-r2
:
router bgp 3000 neighbor 192.168.3.1 remote-as 3000 neighbor 192.168.3.1 password letmein
Get CISCO IOS in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.