LDP session are TCP
session. So LDP session can be easily spoofed. To avoid this we have LDP authentication
R1(config)#mpls ldp
neighbor 2.2.2.2 password 0 CISCO
R1(config)#
*Dec 13
12:39:37.307: %TCP-6-BADAUTH: No MD5 digest from 2.2.2.2(32291) to 1.1.1.1(646)
R2(config)#mpls ldp
neighbor 1.1.1.1 password 0 CISCO
R1#sh mpls ldp
discovery
Local LDP Identifier:
1.1.1.1:0
Discovery Sources:
Interfaces:
Serial1/2 (ldp): xmit/recv
LDP Id: 2.2.2.2:0
Targeted Hellos:
1.1.1.1 -> 4.4.4.4 (ldp): passive,
xmit/recv
LDP Id: 4.4.4.4:0
No comments:
Post a Comment