The router authenticates the source of each routing update packet it receives. Supports many authentication routing protocols such as OSPF, EIGRP, ISIS, BGP, and RIPv2.
The Gateway Gateway Protocol (BGP) supports the authentication mechanism through the use of Message Summary (MD5) algorithms. When I enable authentication, any TCP portion that belongs to the BGP peer exchange is checked and accepted only if the authentication succeeds. If authentication fails, the BGP neighbor relationship (can not be established) is disabled.
Let's see the composition: -
Topology:
Target:
Configure topology according to drawing
Configure basic iBGP
Configure MD5 authentication by using passwords between networks
R1 # Display a brief IP interface
IP interface - OK address? Method method method
FastEthernet0 / 0 10.1.1.1 Guide Yes above
FastEthernet1 / 0 Not Assigned Yes Administratively Disabled Down
GigabitEthernet2 / 0 YES has been disabled administratively down
Serial3 / 0 1.1.1.1 Guide Yes above
R2 # Displays a brief IP interface
IP interface - OK address? Method method method
FastEthernet0 / 0 20.1.1.1 Guide Yes above
FastEthernet1 / 0 Not Assigned Yes Administratively Disabled Down
GigabitEthernet2 / 0 YES has been disabled administratively down
Serial3 / 0 1.1.1.2 Manual Yes above
R1 (config) #router bgp 65011
R1 (config-router) # Neighbor 1.1.1.2 Remote like 65011
R1 (config-router) # Network 10.0.0.0
R1 (config-router) # Network 1.0.0.0
R1 (config-router) # nincronization
R1 (config-router) # exit
R2 (config) #luter bgp 65011
R2 (config-router) # is running 1.1.1.1 as remote as 65011
* March 22, 13: 44: 19.255:% BGP-5-SETTING: Neighbor 1.1.1.1
R2 (config-router) # Network 1.0.0.0
R2 (config-router) # Network 10.0.0.0
R2 (config-router) # nincronization
R2 (config-router) # exit
R1 # show ip bgp
The BGP table version is 3, the local router ID is 10.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
The following route weighs the following jump from LocPrf
* i 1.0.0.0 1.1.1.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 10.0.0.0 0.0.0.0 0 32768 i
R1 # View IP Summary bgp
Routing ID BGP 10.1.1.1, local AS number 65011
The version of the BGP table is 3, the main routing table version 3
2 network input with 288 bytes of memory
3 way entries using 240 bytes of memory
2/1 BGP / bestpath path entries with 272 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 800 bytes total memory
BGP activity 2/0 primers, 3/0 modes, and clears the interval 60 seconds
The Fifth Neighbor AS MsgRcvd MsgSent Tbl Ver InQ OutQ Top / Bottom State / PfxRcd
1.1.1.2 4 65011 10 10 3 - - 00:04:49 1
R2 # show ip bgp
The BGP table version is 4, the local router ID is 20.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
The following route weighs the following jump from LocPrf
*> 1.0.0.0 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*> i 10.0.0.0 1.1.1.1 0 100 0 i
R2 # sample IP summary bgp
Routing ID BGP 20.1.1.1, local AS number 65011
The version of the BGP table is 4, the main routing table version 4
2 network input with 288 bytes of memory
3 way entries using 240 bytes of memory
2/2 Path / bestpath BGP entries with 272 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 800 bytes total memory
BGP activity 2/0 primers, 3/0 modes, and clears the interval 60 seconds
The Fifth Neighbor AS MsgRcvd MsgSent Tbl Ver InQ OutQ Top / Bottom State / PfxRcd
1.1.1.1 4 65011 11 10 4 0 0 00:05:18 2
R1 (config) #router bgp 65011
R1 (config-router) #neighbor 1.1.1.2 Password between networks
R1 (config-router) # Neighbor 1.1.1.2 version 4
R1 (config-router) # End
R1 #
* 22 March 13: 54: 42.691:% TCP-6-BADAUTH: No MD5 summary from 1.1.1.2 (179) to 1.1.1.1 (47927) tableid - 0
* 22 March, 13: 54: 42695:% TCP-6-BADAUTH: No MD5 summary from 1.1.1.2 (179) to 1.1.1.1 (47927) tableid - 0
* 22 March, 13: 54: 3851:% TCP-6-BADAUTH: No MD5 summary from 1.1.1.2 (32235) to 1.1.1.1 (179) tableid - 0
R2 # show ip bgp
The version of the BGP table is 2, the local router ID is 20.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
The following route weighs the following jump from LocPrf
*> 1.0.0.0 0.0.0.0 0 32768 i
R2 # sample IP summary bgp
Routing ID BGP 20.1.1.1, local AS number 65011
The version of the BGP table is 2, the main routing table version 2
1 network entries using 144 bytes of memory
1 way entries using 80 bytes of memory
1/1 Path / BGP entries for the bestpath attribute using 136 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 360 bytes of memory
The activity prefixes BGP 3/2 and 4/3 methods and the exploration interval are 60 seconds
The Fifth Neighbor AS MsgRcvd MsgSent Tbl Ver InQ OutQ Top / Bottom State / PfxRcd
1.1.1.1 4 65011 0 - 1 - 0 00:02:46 Active
R2 (config) #luter bgp 65011
R2 (config-router) #neighbor 1.1.1.1 Password between networks
R2 (config-router) # Neighbor 1.1.1.1 version 4
* March 22 13: 57: 36.931:% BGP-5-SETTING: Neighbor 1.1.1.1 Top
R2 (config-router) # end
R2 # show ip bgp
The BGP table version is 3, the local router ID is 20.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
The following route weighs the following jump from Lockup
* i 1.0.0.0 1.1.1.1 0 100 0 i
*> 0.0.0.0 0 32768 i
*> i 10.0.0.0 1.1.1.1 0 100 0 i
R2 # sample IP summary bgp
Routing ID BGP 20.1.1.1, local AS number 65011
The version of the BGP table is 3, the main routing table version 3
2 network input with 288 bytes of memory
3 way entries using 240 bytes of memory
2/2 Path / bestpath BGP entries with 272 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 800 bytes total memory
The activity prefixes BGP 4/2 and 6/3 methods and the exploration interval are 60 seconds
The Fifth Neighbor AS MsgRcvd MsgSent Tbl Ver InQ OutQ Top / Bottom State / PfxRcd
1.1.1.1 4 65011 5 5 3 - - 00:00:44 2
The Gateway Gateway Protocol (BGP) supports the authentication mechanism through the use of Message Summary (MD5) algorithms. When I enable authentication, any TCP portion that belongs to the BGP peer exchange is checked and accepted only if the authentication succeeds. If authentication fails, the BGP neighbor relationship (can not be established) is disabled.
Let's see the composition: -
Topology:
Target:
Configure topology according to drawing
Configure basic iBGP
Configure MD5 authentication by using passwords between networks
R1 # Display a brief IP interface
IP interface - OK address? Method method method
FastEthernet0 / 0 10.1.1.1 Guide Yes above
FastEthernet1 / 0 Not Assigned Yes Administratively Disabled Down
GigabitEthernet2 / 0 YES has been disabled administratively down
Serial3 / 0 1.1.1.1 Guide Yes above
IP interface - OK address? Method method method
FastEthernet0 / 0 20.1.1.1 Guide Yes above
FastEthernet1 / 0 Not Assigned Yes Administratively Disabled Down
GigabitEthernet2 / 0 YES has been disabled administratively down
Serial3 / 0 1.1.1.2 Manual Yes above
R1 (config) #router bgp 65011
R1 (config-router) # Neighbor 1.1.1.2 Remote like 65011
R1 (config-router) # Network 10.0.0.0
R1 (config-router) # Network 1.0.0.0
R1 (config-router) # nincronization
R1 (config-router) # exit
R2 (config-router) # is running 1.1.1.1 as remote as 65011
* March 22, 13: 44: 19.255:% BGP-5-SETTING: Neighbor 1.1.1.1
R2 (config-router) # Network 1.0.0.0
R2 (config-router) # Network 10.0.0.0
R2 (config-router) # nincronization
R2 (config-router) # exit
R1 # show ip bgp
The BGP table version is 3, the local router ID is 10.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
* i 1.0.0.0 1.1.1.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 10.0.0.0 0.0.0.0 0 32768 i
Routing ID BGP 10.1.1.1, local AS number 65011
The version of the BGP table is 3, the main routing table version 3
2 network input with 288 bytes of memory
3 way entries using 240 bytes of memory
2/1 BGP / bestpath path entries with 272 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 800 bytes total memory
BGP activity 2/0 primers, 3/0 modes, and clears the interval 60 seconds
1.1.1.2 4 65011 10 10 3 - - 00:04:49 1
R2 # show ip bgp
The BGP table version is 4, the local router ID is 20.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
*> 1.0.0.0 0.0.0.0 0 32768 i
* i 1.1.1.1 0 100 0 i
*> i 10.0.0.0 1.1.1.1 0 100 0 i
Routing ID BGP 20.1.1.1, local AS number 65011
The version of the BGP table is 4, the main routing table version 4
2 network input with 288 bytes of memory
3 way entries using 240 bytes of memory
2/2 Path / bestpath BGP entries with 272 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 800 bytes total memory
BGP activity 2/0 primers, 3/0 modes, and clears the interval 60 seconds
The Fifth Neighbor AS MsgRcvd MsgSent Tbl Ver InQ OutQ Top / Bottom State / PfxRcd
1.1.1.1 4 65011 11 10 4 0 0 00:05:18 2
R1 (config) #router bgp 65011
R1 (config-router) #neighbor 1.1.1.2 Password between networks
R1 (config-router) # Neighbor 1.1.1.2 version 4
R1 (config-router) # End
R1 #
* 22 March 13: 54: 42.691:% TCP-6-BADAUTH: No MD5 summary from 1.1.1.2 (179) to 1.1.1.1 (47927) tableid - 0
* 22 March, 13: 54: 42695:% TCP-6-BADAUTH: No MD5 summary from 1.1.1.2 (179) to 1.1.1.1 (47927) tableid - 0
* 22 March, 13: 54: 3851:% TCP-6-BADAUTH: No MD5 summary from 1.1.1.2 (32235) to 1.1.1.1 (179) tableid - 0
R2 # show ip bgp
The version of the BGP table is 2, the local router ID is 20.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
The following route weighs the following jump from LocPrf
*> 1.0.0.0 0.0.0.0 0 32768 i
R2 # sample IP summary bgp
Routing ID BGP 20.1.1.1, local AS number 65011
The version of the BGP table is 2, the main routing table version 2
1 network entries using 144 bytes of memory
1 way entries using 80 bytes of memory
1/1 Path / BGP entries for the bestpath attribute using 136 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 360 bytes of memory
The activity prefixes BGP 3/2 and 4/3 methods and the exploration interval are 60 seconds
The Fifth Neighbor AS MsgRcvd MsgSent Tbl Ver InQ OutQ Top / Bottom State / PfxRcd
1.1.1.1 4 65011 0 - 1 - 0 00:02:46 Active
R2 (config) #luter bgp 65011
R2 (config-router) #neighbor 1.1.1.1 Password between networks
R2 (config-router) # Neighbor 1.1.1.1 version 4
* March 22 13: 57: 36.931:% BGP-5-SETTING: Neighbor 1.1.1.1 Top
R2 (config-router) # end
R2 # show ip bgp
The BGP table version is 3, the local router ID is 20.1.1.1
Status codes: suppressed, padded, h record, * valid,> better, i - internal,
RIB malfunction, S Stale, m m, backup paths b, f RT-Filter,
The best external roads, additional path, compressed by RIB,
Symbols of origin: i - IGP, e - EGP,? - incomplete
Validation codes RPKI: valid V, invalid, N does not exist
The following route weighs the following jump from Lockup
* i 1.0.0.0 1.1.1.1 0 100 0 i
*> 0.0.0.0 0 32768 i
*> i 10.0.0.0 1.1.1.1 0 100 0 i
R2 # sample IP summary bgp
Routing ID BGP 20.1.1.1, local AS number 65011
The version of the BGP table is 3, the main routing table version 3
2 network input with 288 bytes of memory
3 way entries using 240 bytes of memory
2/2 Path / bestpath BGP entries with 272 bytes of memory
0 BGP Routes the cache schema using 0 bytes of memory
BGP filters the list of cache entries by using 0 bytes of memory
BGP using 800 bytes total memory
The Fifth Neighbor AS MsgRcvd MsgSent Tbl Ver InQ OutQ Top / Bottom State / PfxRcd
1.1.1.1 4 65011 5 5 3 - - 00:00:44 2