Categories R&S

BGP – implement and troubleshoot Peerings – Authentication

One quick post about BGP authentication.



Use BGP authentication to secure the BGP session between R6 and R10.





Configuration and verification:

That’s an easy configuration. Only one command under the BGP process.

R6(config)#router bgp 100
R6(config-router)#neighbor password CISCO

R10(config-router)#neighbor password CISCO
R10#  clear ip bgp *


We see the BGP session establish,  and that md5 is used.

BGP neighbor is,  remote AS 100, external link
  BGP version 4, remote router ID
  BGP state = Established, up for 00:00:11
Option Flags: nagle, path mtu capable, md5


Let’s see what happens if there is a password mismatch.

R6(config-router)#neighbor password JUNIPER

*Jul  9 19:19:17.567: %TCP-6-BADAUTH: Invalid MD5 digest from to tableid - 0


Without turning debug on, we immediately received a log message stating a bad authentication.



That’s all for BGP authentication.

Thank you for reading.




BGP – implement and troubleshoot Peerings – Authentication