Manualshelf

User`s guide

ManualsBrandsEnterasys ManualsComputer equipmentEnterasys Matrix DFE-Gold Series
129130131132133134135136137138
Modifying a Configuration
9-16 Configuring VRRP
Setting an Authentication Key
VRRP Packet Authentication Fields
Asshowninthefollowingillustration,eachVRRPpacketcontainsauthenticationfieldsinitsIP
header.Table 95describesVRRPpacketauthenticationfieldsandtheirdescriptions.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Type | Virtual Rtr ID| Priority | Count IP Addrs|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Auth Type | Adver Int | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address (1) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| . |
| . |
| . |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP Address (n) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Authentication Data (1) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Authentication Data (2) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Table 9-5 VRRP Packet Authentication Field Descriptions
Field Description
Auth Type Identifies the authentication method being utilized. Authentication type is an 8-bit
unsigned integer and is unique on a per interface basis. A VRRP packet with an
unknown authentication type, or that does not match the locally configured
authentication method, must be discarded. Authentication methods currently defined
are:
Authentication Data Type 0 - No authentication (default setting)
Authentication Data Type 1 - Simple Text Password
Authentication Data Type 2 - Message Digest (MD5)
Corresponding contents of the Authentication Data fields for each Authentication
Type are listed below.
Authentication
Data (1)
Simple Text Password. The contents of the Authentication Data field should be set to
the locally configured password on transmission. There is no default password. The
receiver must check that the Authentication Data in the packet matches its
configured authentication string. Packets that do not match must be discarded.
This password is a text string 1 to 8 characters in length and can be set with the ip
vrrp authentication-key command.
Authentication
Data (2)
Message Digest (MD5) key. If a packet is received that does not pass the
authentication check due to a missing authentication header or incorrect message
digest, then the packet must be discarded.
This password is a text string 1 to 16 characters in length and can be set with the ip
vrrp message-digest-key command.