Support User Manuals

Cisco Systems OL-14356-01 Network Router User Manual

Open as PDF

of 462

Implementing IS-IS on Cisco IOS XR Software

How to Implement IS-IS on Cisco IOS XR Software

RC-293

Cisco IOS XR Routing Configuration Guide

OL-14356-01

Configuring Keychains for IS-IS

This task explains how to configure keychains for IS-IS. This task is optional.

Keychains can be configured at the router level (lsp-password command) and at the interface level

(hello-password command) within IS-IS. These commands reference the global keychain configuration

and instruct the IS-IS protocol to obtain security parameters from the global set of configured keychains.

The router-level configuration (lsp-password command) sets the keychain to be used for all IS-IS LSPs

generated by this router, as well as for all Sequence Number Protocol Data Units (SN PDUs). The

keychain used for HELLO PDUs is set at the interface level, and may be set differently for each interface

configured for IS-IS.

SUMMARY STEPS

1. configure

2. router isis instance-id

3. lsp-password keychain keychain-name [level {1 | 2}] [send-only] [snp send-only]

4. interface type instance

5. hello-password keychain keychain-name [level {1 | 2}] [send-only]

Step 5

hello-password {hmac-md5 | text} {clear |

encrypted} password [level {1 | 2}] [send-only]

Example:

RP/0/RP0/CPU0:router(config-isis-if)#

hello-password text clear mypassword

Configures the authentication password for an IS-IS

interface.

Step 6

end

or

commit

Example:

RP/0/RP0/CPU0:router(config-isis-if)# end

or

RP/0/RP0/CPU0:router(config-isis-if)# commit

Saves configuration changes.

• When you issue the end command, the system prompts

you to commit changes:

Uncommitted changes found, commit them before

exiting(yes/no/cancel)?

[cancel]:

–

Entering yes saves configuration changes to the

running configuration file, exits the configuration

session, and returns the router to EXEC mode.

–

Entering no exits the configuration session and

returns the router to EXEC mode without

committing the configuration changes.

–

Entering cancel leaves the router in the current

configuration session without exiting or

committing the configuration changes.

• Use the commit command to save the configuration

changes to the running configuration file and remain

within the configuration session.

Command or Action Purpose

previous next