MD5 authentication is a cryptographic authentication. A key (password) and key ID are configured on each router.
The router uses an algorithm based on the routing protocol packet, the key, and the key ID to generate a message digest (also called a hash) that is appended to packet.
基本网络配置
R1# interface Loopback0 ip address 172.16.1.1 255.255.255.0 interface FastEthernet0/0 ip address 10.1.1.1 255.255.255.0 router eigrp 100 network 10.1.1.0 0.0.0.255 network 172.16.0.0
R2# interface Loopback0 ip address 172.16.2.1 255.255.255.0 interface FastEthernet0/0 ip address 10.1.1.2 255.255.255.0 router eigrp 100 network 10.1.1.0 0.0.0.255 network 172.16.0.0
MD5 Authentication配置
R1# key chain R1 key 1 key-string cisco interface FastEthernet0/0 ip address 10.1.1.1 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 R1
R2# key chain R2 key 1 key-string cisco interface FastEthernet0/0 ip address 10.1.1.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 R2
验证
R2# show key chain
Key-chain R2:
key 1 -- text "cisco"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
R2#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(100)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.1.1.1 Fa0/0 14 00:02:55 40 240 0 9
R2#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, FastEthernet0/0
L 10.1.1.2/32 is directly connected, FastEthernet0/0
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
D 172.16.1.0/24 [90/156160] via 10.1.1.1, 00:02:58, FastEthernet0/0
C 172.16.2.0/24 is directly connected, Loopback0
L 172.16.2.1/32 is directly connected, Loopback0
