Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Configuring LDP message authentication

You can configure an authentication key on a per-session basis for LDP to protect against spoofed TCP segments in the connection stream.

The LDP session can be to an adjacent peer (basic discovery). You must configure both sides of an LDP peer link.
LDP authentication is based upon the TCP MD5 signature option specified in RFC 2385. This RFC defines a new TCP option for carrying an MD5 digest in a TCP segment.
To configure LDP message authentication, enter the following command.

vyatta@R1# set protocols mpls-ldp neighbors neighbor <ip address> md5-password <text> 

The following example shows how to configure an LDP message authentication key named early for the neighbor at IP address

vyatta@R1# set protocols mpls-ldp neighbors neighbor md5-password early
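The RFC 2385 check that this key enables can be sketched as follows. This is an added example, not Vyatta NOS code: the function names, the 192.0.2.x addresses, the ports and the sample payload are constructed for illustration, and the key `early` is the one from the example above.

```python
import hashlib, hmac, socket, struct

MD5SIG_KIND, MD5SIG_LEN = 19, 18  # RFC 2385 option: kind 19, length 18

def md5sig(src, dst, fixed_hdr, payload, seg_len, key):
    """Digest over pseudo-header, 20-byte header with checksum 0, data, key."""
    pseudo = (socket.inet_aton(src) + socket.inet_aton(dst)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, seg_len))
    hdr = fixed_hdr[:16] + b"\x00\x00" + fixed_hdr[18:20]  # options excluded
    return hashlib.md5(pseudo + hdr + payload + key).digest()

def build_segment(src, dst, sport, dport, seq, ack, payload, key):
    """Sender side: fixed header + MD5 option + payload (constructed sample)."""
    hdr_len = 40  # 20 fixed + 18 option + 2 NOP padding
    # Checksum is left 0 in this sample; the digest treats it as 0 anyway.
    fixed = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                        (hdr_len // 4) << 12 | 0x18, 65535, 0, 0)
    digest = md5sig(src, dst, fixed, payload, hdr_len + len(payload), key)
    return fixed + bytes([MD5SIG_KIND, MD5SIG_LEN]) + digest + b"\x01\x01" + payload

def verify_segment(src, dst, segment, key):
    """Receiver side: accept only a segment carrying a valid MD5 option."""
    if len(segment) < 20:
        return False
    hdr_len = (segment[12] >> 4) * 4
    if hdr_len < 20 or hdr_len > len(segment):
        return False
    opts, payload, i = segment[20:hdr_len], segment[hdr_len:], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:      # end of option list
            break
        if kind == 1:      # NOP padding
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            return False   # malformed option length
        if kind == MD5SIG_KIND and opts[i + 1] == MD5SIG_LEN:
            want = md5sig(src, dst, segment[:20], payload, len(segment), key)
            return hmac.compare_digest(want, opts[i + 2:i + 18])
        i += opts[i + 1]
    return False           # unsigned segments are dropped

if __name__ == "__main__":
    seg = build_segment("192.0.2.1", "192.0.2.2", 49152, 646, 1000, 2000,
                        b"ldp-pdu", b"early")
    print(verify_segment("192.0.2.1", "192.0.2.2", seg, b"early"))
    print(verify_segment("192.0.2.1", "192.0.2.2", seg, b"other"))
```

Because the digest covers the addresses, the header and the shared key, a segment that is unsigned, altered, or signed with a different key fails verification, which is why the same key must be set on both peers.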