Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
authentication-key-chains
Syntax
Hierarchy Level
Release Information
Statement introduced in Junos OS Release 7.6.
Statement introduced in Junos OS Release 9.0 for EX Series switches.
Support for the BFD protocol introduced in Junos OS Release 9.6.
Support for the BFD protocol introduced in Junos OS Release 9.6 for EX Series switches.
Description
Configure authentication key updates for the Border Gateway Protocol (BGP), the Label Distribution Protocol (LDP) routing protocols, and the Bidirectional Forwarding Detection (BFD) protocol. When the authentication-key-chains statement is configured at the [edit security] hierarchy level, and is associated with the BGP and LDP protocols at the [edit protocols] hierarchy level or with the BFD protocol using the bfd-liveness-detection statement, authentication key updates can occur without interrupting routing and signaling protocols such as Open Shortest Path First (OSPF), and Resource Reservation Setup Protocol (RSVP).
Options
key-chain key-chain-name—Keychain name. This name is configured at the [edit protocols bgp] or the [edit protocols ldp] hierarchy level to associate unique authentication key-chain attributes with each protocol as specified using the following options:
- description text-string—A text string of the authentication-key-chain. Put the text string in quotes (“text description”).
- key key—Each key within
a keychain is identified by a unique integer value.
Range: 0 through 63
- secret secret-data—Each key must specify a secret in encrypted text or plain text format. The secret always appears in encrypted format.
- start-time yyyy–mm-dd.hh:mm:ss—Start times are specified in UTC (Coordinated Universal Time), and must be unique within the keychain.
- tolerance seconds—Specify
the clock skew tolerance, in seconds.
Range: 0 through 999999999
Required Privilege Level
admin—To view this statement in the configuration.
admin-control—To add this statement to the configuration.
