EasyManuals Logo
Home>Cisco>Switch>Catalyst 3850 series

Cisco Catalyst 3850 series User Manual

Cisco Catalyst 3850 series
424 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #227 background imageLoading...
Page #227 background image
SA messages are stored locally in the device’s SA cache.
Note
MSDP Peers
Like BGP, MSDP establishes neighbor relationships with other MSDP peers. MSDP peers connect using TCP
port 639. The lower IP address peer takes the active role of opening the TCP connection. The higher IP address
peer waits in LISTEN state for the other to make the connection. MSDP peers send keepalive messages every
60 seconds. The arrival of data performs the same function as the keepalive message and keeps the session
from timing out. If no keepalive messages or data is received for 75 seconds, the TCP connection is reset.
Related Topics
Configuring an MSDP Peer, on page 210
Shutting Down an MSDP Peer, on page 212
Example: Configuring an MSDP Peer, on page 235
MSDP MD5 Password Authentication
The MSDP MD5 password authentication feature is an enhancement to support Message Digest 5 (MD5)
signature protection on a TCP connection between two MSDP peers. This feature provides added security by
protecting MSDP against the threat of spoofed TCP segments being introduced into the TCP connection
stream.
Related Topics
Configuring MSDP MD5 Password Authentication Between MSDP Peers, on page 213
Example: Configuring MSDP MD5 Password Authentication, on page 235
How MSDP MD5 Password Authentication Works
Developed in accordance with RFC 2385, the MSDP MD5 password authentication feature is used to verify
each segment sent on the TCP connection between MSDP peers. The ip msdp password peer command is
used to enable MD5 authentication for TCP connections between two MSDP peers. When MD5 authentication
is enabled between two MSDP peers, each segment sent on the TCP connection between the peers is verified.
MD5 authentication must be configured with the same password on both MSDP peers; otherwise, the connection
between them will not be made. Configuring MD5 authentication causes the Cisco IOS software to generate
and verify the MD5 digest of every segment sent on the TCP connection.
Benefits of MSDP MD5 Password Authentication
•
Protects MSDP against the threat of spoofed TCP segments being introduced into the TCP connection
stream.
•
Uses the industry-standard MD5 algorithm for improved reliability and security.
IP Multicast Routing Configuration Guide, Cisco IOS XE Release 3.6E (Catalyst 3850 Switches)
OL-32598-01 203
Configuring MSDP
MSDP Peers

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 3850 series and is the answer not in the manual?

Cisco Catalyst 3850 series Specifications

General IconGeneral
BrandCisco
ModelCatalyst 3850 series
CategorySwitch
LanguageEnglish

Related product manuals