Secure Neighbor Discovery uses cryptographically generated addresses (CGAs), as defined in RFC 3972, Cryptographically Generated Addresses, to ensure that the sender of a Neighbor Discovery Protocol (NDP) message is the “owner” of the claimed address. Each node must generate a public-private key pair before it can claim an address. The CGA is included in all outgoing neighbor solicitation and neighbor advertisement messages.
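How the address is bound to the key, as an added example that is not part of the original page or of Junos OS: a Python sketch of RFC 3972 CGA generation and verification with no extension fields. The function names, the 2001:db8::/64 documentation prefix, and the placeholder key bytes are assumptions; a real node hashes the DER-encoded public key from its configured key pair.

```python
import hashlib
import ipaddress
import os

# Constructed stand-in for a DER-encoded SubjectPublicKeyInfo (assumption).
SAMPLE_KEY = b"constructed-placeholder-for-DER-encoded-public-key"
# Hash1 comparison ignores the Sec field (top 3 bits) and the u/g bits (6 and 7).
ID_MASK = 0x1CFFFFFFFFFFFFFF

def _hash1(modifier, prefix, coll, pubkey):
    """Leftmost 64 bits of SHA-1(modifier | prefix | collision count | key)."""
    data = modifier + prefix + bytes([coll]) + pubkey
    return int.from_bytes(hashlib.sha1(data).digest()[:8], "big")

def _hash2_ok(modifier, pubkey, sec):
    """True if the leftmost 16*Sec bits of Hash2 are zero (nine zero octets
    replace the prefix and collision count)."""
    digest = hashlib.sha1(modifier + bytes(9) + pubkey).digest()
    return digest[:2 * sec] == bytes(2 * sec)

def generate_cga(prefix, pubkey, sec=0, modifier=None):
    """Return (address, modifier) for a /64 prefix. Cost grows as 2^(16*Sec)."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("CGA requires a 64-bit subnet prefix")
    prefix_bytes = net.network_address.packed[:8]
    start = os.urandom(16) if modifier is None else modifier
    mod = int.from_bytes(start, "big")
    # Brute-force the modifier until Hash2 meets the Sec requirement.
    while not _hash2_ok(mod.to_bytes(16, "big"), pubkey, sec):
        mod = (mod + 1) % (1 << 128)
    modifier = mod.to_bytes(16, "big")
    # Interface ID: Hash1 with Sec written into the top 3 bits, u/g cleared.
    iid = (_hash1(modifier, prefix_bytes, 0, pubkey) & ID_MASK) | (sec << 61)
    addr = ipaddress.IPv6Address(prefix_bytes + iid.to_bytes(8, "big"))
    return addr, modifier

def verify_cga(addr, modifier, pubkey, coll=0):
    """Receiver-side check that addr was derived from pubkey and modifier.
    The subnet prefix is taken from the address itself in this sketch."""
    packed = ipaddress.IPv6Address(addr).packed
    iid = int.from_bytes(packed[8:], "big")
    if coll not in (0, 1, 2):
        return False
    if (_hash1(modifier, packed[:8], coll, pubkey) ^ iid) & ID_MASK:
        return False  # interface identifier was not derived from this key
    return _hash2_ok(modifier, pubkey, iid >> 61)
```

A node that claims the address with a different key fails the Hash1 comparison; in SEND the accompanying RSA signature separately proves possession of the private key.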
To configure parameters for CGAs, include the following statements:
    protocols {
        neighbor-discovery {
            secure {
                cryptographic-address {
                    key-length number;
                    key-pair pathname;
                }
            }
        }
    }
For information about how to configure parameters for cryptographic addresses, see the following sections: