3com S7906E Installationsanweisungen
1-31
To do…
Use the command…
Remarks
Set the overload bit
set-overload [ on-startup [ [ start-from-nbr
system-id [ timeout1 [ nbr-timeout ] ] ] | timeout2 ]
[ allow { external | interlevel } * ]
system-id [ timeout1 [ nbr-timeout ] ] ] | timeout2 ]
[ allow { external | interlevel } * ]
Required
Not set by
default
default
Configuring IS-IS Authentication
To enhance the security of an IS-IS network, you can configure IS-IS authentication. IS-IS
authentication involves neighbor relationship authentication, area authentication and routing domain
authentication.
Configuration Prerequisites
Complete the following tasks before this configuration:
z
Configure network layer addresses for interfaces to make neighboring nodes accessible to each
other at the network layer.
z
Enable IS-IS.
Configuring Neighbor Relationship Authentication
With neighbor relationship authentication configured, an interface adds the password in the specified
mode into hello packets to the peer and checks the password in the received hello packets. If the
authentication succeeds, it forms the neighbor relationship with the peer.
The authentication mode and password at both ends must be identical.
Follow these steps to configure neighbor relationship authentication:
To do…
Use the command…
Remarks
Enter system view
system-view
––
Enter interface view
interface interface-type
interface-number
interface-number
––
Specify the authentication
mode and password
mode and password
isis authentication-mode { md5 |
simple } password [ level-1 | level-2 ]
[ ip | osi ]
simple } password [ level-1 | level-2 ]
[ ip | osi ]
Required
Not authentication is
configured by default.
configured by default.
Configuring Area Authentication
Area authentication enables a router not to install routing information from untrusted routers into the
Level-1 LSDB. The router encapsulates the authentication password in the specified mode into Level-1
packets (LSP, CSNP, PSNP) and check the password in received Level-1 packets.
Routers in a common area must have the same authentication mode and password.
Follow these steps to configure area authentication:
To do…
Use the command…
Remarks
Enter system view
system-view
––