для Cisco Cisco IOS Software Release 12.0(13)S7

Cisco Express Forwarding or distributed Cisco Express Forwarding must be enabled on the label 
switch router (LSR).

Routing (static or dynamic) must be configured for the LSR.

Multiprotocol Label Switching (MPLS) LDP must be configured on the LSR. However, you can 
configure LDP MD5 protection before you configure MPLS LDP. You can then use LDP MD5 
protection after you configure MPLS LDP.

A Virtual Private Network (VPN) routing and forwarding instance (VRF) must be configured if you 
want to configure MPLS LDP MD5 global configuration for a VRF. If you delete a VRF, the LDP 
MD5 global configuration for that VRF is automatically removed.

MD5 protection described in this document applies only to the LDP sessions. All enhancements 
described in this document do not affect Tag Distribution Protocol (TDP) sessions.

Before you configure the MPLS—LDP MD5 Global Configuration feature, you must understand the 
following:

The MPLS—LDP MD5 Global Configuration feature provides the following enhancements to the LDP 
support of MD5 passwords:

You can specify peers for which MD5 protection is required. This can prevent the establishment of 
LDP sessions with unexpected peers.

You can configure passwords for groups of peers. This increases the scalability of LDP password 
configuration management. 

The established LDP session with a peer is not automatically torn down when the password for that 
peer is changed. The new password is used the next time an LDP session is established with the peer. 

You can control when the new password is used. You can configure the new password on the peer 
before forcing the use of the new password.