Alcatel-Lucent 7750 SR OS Network Router User Manual


 
VRRP Components
Page 178 7750 SR OS Router Configuration Guide
VRRP Message Authentication
The authentication type parameter defines the type of authentication used by the virtual router in
VRRP advertisement message authentication. The current master uses the configured
authentication type to indicate any egress message manipulation that must be performed in
conjunction with any supporting authentication parameters before transmitting a VRRP
advertisement message. The configured authentication type value is transmitted in the message
authentication type field with the appropriate authentication data field filled in. Backup routers use
the authentication type message field value in interpreting the contained authentication data field
within received VRRP advertisement messages.
VRRP supports three message authentication methods which provide varying degrees of security.
The supported authentication types are:
0 – No Authentication
1 – Simple Text Password
2 – IP Authentication Header
Authentication Type 0 – No Authentication
The use of type 0 indicates that VRRP advertisement messages are not authenticated (provides no
authentication). The master transmitting VRRP advertisement messages will transmit the value 0
in the egress messages authentication type field and the authentication data field. Backup virtual
routers receiving VRRP advertisement messages with the authentication type field equal to 0 will
ignore the authentication data field in the message.
All compliant VRRP advertisement messages are accepted. The following fields within the
received VRRP advertisement message are checked for compliance (the VRRP specification may
require additional checks).
IP header checks specific to VRRP
IP header destination IP address – Must be 224.0.0.18
IP header TTL field – Must be equal to 255, the packet must not have traversed any IP
routed hops
IP header protocol field – must be 112 (decimal)