29.6.6 Verifying TCP MD5 Certification

<Structure of this section>

(1) List of operation commands

The following tables list the operation commands for TCP MD5 authenticated (BGP4+).

Table 29-24: List of operation commands
Command name	Description
show ipv6 bgp	Shows information about the BGP4+ protocol.

(2) Verifying TCP MD5 Certification

TCP MD5 authorization is displayed by specifying neighbors and detail parameters in the operation-command show ipv6 bgp.

Figure 29-30: Result of executing show ipv6 bgp command (specifying neighbors detail parameter)
> show ipv6 bgp neighbors detail Date 20XX/10/07 21:24:24 UTC BGP4+ Peer: 3ffe:192:168:2::2 , Remote AS: 65531 Remote Router ID: 192.168.2.100 BGP4+ Status: Established HoldTime: 180 , Keepalive: 60 Established Transitions: 1 Established Date: 20XX/10/07 21:23:48 BGP4+ Version: 4 Type: Internal Local Address:3ffe:192:168:2::1 Local AS: 65531 Local Router ID: 192.168.1.100 Next Connect Retry: - Connect Retry Timer: - Last Keep Alive Sent: 21:23:48 Last Keep Alive Received: 21:23:48 BGP4+ Message UpdateIn UpdateOut TotalIn TotalOut 0 0 0 3 BGP4+ Capability Negotiation: <IPv6-Uni Refresh Refresh(v)> Send : <IPv6-Uni Refresh Refresh(v)> Receive: <IPv6-Uni Refresh Refresh(v)> Password: UnConfigured ..1 BGP4+ Peer: 3ffe:172:16:2::2 , Remote AS: 65532 Remote Router ID: 172.16.2.100 BGP4+ Status: Established HoldTime: 180 , Keepalive: 60 Established Transitions: 1 Established Date: 20XX/10/07 21:23:58 BGP4+ Version: 4 Type: External Local Address:3ffe:172:16:2::1 Local AS: 65531 Local Router ID: 192.168.1.100 Next Connect Retry: - Connect Retry Timer: - Last Keep Alive Sent: 21:23:58 Last Keep Alive Received: 21:23:58 BGP4+ Message UpdateIn UpdateOut TotalIn TotalOut 0 0 1 3 BGP4+ Capability Negotiation: <IPv6-Uni Refresh Refresh(v)>> Send : <IPv6-Uni Refresh Refresh(v)> Receive: <IPv6-Uni Refresh Refresh(v)> Password: Configured ..2

Figure 29-30: Result of executing show ipv6 bgp command (specifying neighbors detail parameter)

> show ipv6 bgp neighbors detail
Date 20XX/10/07 21:24:24 UTC
BGP4+ Peer: 3ffe:192:168:2::2  , Remote AS: 65531
Remote Router ID: 192.168.2.100
    BGP4+ Status: Established       HoldTime: 180  , Keepalive: 60
    Established Transitions: 1      Established Date: 20XX/10/07 21:23:48
    BGP4+ Version: 4                Type: Internal
    Local Address:3ffe:192:168:2::1
    Local AS: 65531                 Local Router ID: 192.168.1.100
    Next Connect Retry: -           Connect Retry Timer: -
    Last Keep Alive Sent: 21:23:48  Last Keep Alive Received: 21:23:48
    BGP4+ Message  UpdateIn   UpdateOut  TotalIn    TotalOut
                   0          0          0          3
    BGP4+ Capability Negotiation: <IPv6-Uni Refresh Refresh(v)>
      Send   : <IPv6-Uni Refresh Refresh(v)>
      Receive: <IPv6-Uni Refresh Refresh(v)>
    Password: UnConfigured                                              ..1
 
BGP4+ Peer: 3ffe:172:16:2::2   , Remote AS: 65532
Remote Router ID: 172.16.2.100
    BGP4+ Status: Established       HoldTime: 180  , Keepalive: 60
    Established Transitions: 1      Established Date: 20XX/10/07 21:23:58
    BGP4+ Version: 4                Type: External
    Local Address:3ffe:172:16:2::1
    Local AS: 65531                 Local Router ID: 192.168.1.100
    Next Connect Retry: -           Connect Retry Timer: -
    Last Keep Alive Sent: 21:23:58  Last Keep Alive Received: 21:23:58
    BGP4+ Message  UpdateIn   UpdateOut  TotalIn    TotalOut
                   0          0          1          3
    BGP4+ Capability Negotiation: <IPv6-Uni Refresh Refresh(v)>>
      Send   : <IPv6-Uni Refresh Refresh(v)>
      Receive: <IPv6-Uni Refresh Refresh(v)>
    Password: Configured                                                ..2

MD5 authentication was not used for connection with the peer whose peer address is 3ffe:192:168:2::2.
MD5 authentication was not used for connection with the peer whose peer address is 3ffe:172:16:2::2.

Notes: A peer relationship is not established if TCP MD5 authentication fails (if the peer's BGP Status is not Established). Check the operation message to see if TCP MD5 authorization failed.