Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

dynamic-neighbor

Syntax

Hierarchy Level

Description

Enable BGP dynamic peering for specific networks and configure peer authentication options.

Configure peer authentication options for auto-discovered BGP neighbors for a given interface or set of interfaces without specifying the local or remote neighbor addresses. Authentication keys are associated directly with logical interfaces instead of the IP addresses or prefixes as BGP unnumbered peering uses IPv6 link-local addresses. The interface over which the link‑local session is established determines the authentication configuration that is applied and is independent of the dynamically learned peer address.

Options

name

Specify a template name for the dynamic neighbor.

allow

Configure peer connections for specific networks. You cannot configure this option with BGP peer auto discovery.

authentication-algorithm

Specify authentication algorithm name.

  • aes-128-cmac-96—Cipher-based Message Authentication Code (AES128) (96 bits)

  • ao—TCP Authentication Option

  • hmac-sha-1-96—Hash-based Message Authentication Code (SHA1) (96 bits)

  • md5—Message Digest 5

authentication-key

Define the MD5 authentication key.

authentication-key-chain

Specify a key chain authentication name

peer-limit

Limit the number of peers for each subnet configured via dynamic-neighbor

  • Range: 0 through 2048

tcpao-auth-mismatch

Continue without TCP-AO if any one TCP endpoint does not have TCP-AO configured

  • allow-without-tcpao—Allow the connection establishment without TCP-AO

The remaining statements are explained separately. Click the linked statements in the Syntax section or search CLI Explorer.

Required Privilege Level

routing—To view this statement in the configuration.

routing-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 26.2R1.