13.6.6 Verifying TCP MD5 Certification
- <Structure of this section>
(1) List of operation commands
The following tables list the operation commands for TCP MD5 authorization.
Command name |
Description |
---|---|
show ip bgp |
Shows information related to the BGP4 protocol. |
(2) Verifying TCP MD5 Certification
TCP MD5 authorization is displayed by specifying neighbors and detail parameters in the operation command show ip bgp command.
> show ip bgp neighbors detail Date 20XX/10/07 21:24:24 UTC BGP Peer: 192.168.2.2 , Remote AS: 65531 Remote Router ID: 192.168.2.100 BGP Status: Established HoldTime: 180 , Keepalive: 60 Established Transitions: 1 Established Date: 20XX/10/07 21:23:48 BGP Version: 4 Type: Internal Local Address: 192.168.2.1 Local AS: 65531 Local Router ID: 192.168.1.100 Next Connect Retry: - Connect Retry Timer: - Last Keep Alive Sent: 21:23:48 Last Keep Alive Received: 21:23:48 BGP Message UpdateIn UpdateOut TotalIn TotalOut 0 0 0 3 BGP Capability Negotiation: <IPv4-Uni Refresh Refresh(v)> Send : <IPv4-Uni Refresh Refresh(v)> Receive: <IPv4-Uni Refresh Refresh(v)> Password: UnConfigured ..1 BFD Name: -, BFD ID: -, BFD State: - BGP Peer: 172.16.2.2 , Remote AS: 65532 Remote Router ID: 172.16.2.100 BGP Status: Established HoldTime: 180 , Keepalive: 60 Established Transitions: 1 Established Date: 20XX/10/07 21:23:58 BGP Version: 4 Type: External Local Address: 172.16.2.1 Local AS: 65531 Local Router ID: 192.168.1.100 Next Connect Retry: - Connect Retry Timer: - Last Keep Alive Sent: 21:23:58 Last Keep Alive Received: 21:23:58 BGP Message UpdateIn UpdateOut TotalIn TotalOut 0 0 1 3 BGP Capability Negotiation: <IPv4-Uni Refresh Refresh(v)> Send : <IPv4-Uni Refresh Refresh(v)> Receive: <IPv4-Uni Refresh Refresh(v)> Password: Configured ..2 BFD Name: -, BFD ID: -, BFD State: - |
-
MD5 authentication was not used for connection with the peer whose remote peer address is 192.168.2.2.
-
MD5 authentication was used for connection with the peer whose remote peer address is 172.16.2.2.
- Notes
-
A peer relationship is not established if TCP MD5 authentication fails (if the peer's BGP Status is not Established). Check the operation message to see if TCP MD5 authorization failed.