06-02-2022
05:08 PM
- last edited on
06-02-2022
11:34 PM
by
Translator
Doing a lab where there's a central router wehre the BGP peer-groups are defined with a password below, however the lab doesn't specify BGP peer-group commands or passwords on the 3 non-core routers.
How would I add the passwords in there?
router bgp X0
!
address-family ipv4
neighbor ibgp-partial peer-group
neighbor ibgp-partial description Local Routes only
neighbor ibgp-partial remote-as X0
neighbor ibgp-partial update-source loopback0
neighbor ibgp-partial next-hop-self
neighbor ibgp-partial password BGPlab
neighbor ibgp-partial send-community
neighbor ibgp-partial route-reflector-client
neighbor ibgp-partial filter-list 10 out
!
and then for IPv6 (noting that the AS-PATH filter can be used in both IPv4 and IPv6 peer-groups):
router bgp X0
!
address-family ipv6
neighbor ibgpv6-partial peer-group
neighbor ibgpv6-partial description Local Routes only
neighbor ibgpv6-partial remote-as X0
neighbor ibgpv6-partial update-source loopback0
neighbor ibgpv6-partial next-hop-self
neighbor ibgpv6-partial password BGPlab
neighbor ibgpv6-partial send-community
neighbor ibgpv6-partial route-reflector-client
neighbor ibgpv6-partial filter-list 10 out
So above is core router
Now it is giving me a
'No MD5 digest from..'
message because i do not have a pass defined on the other routers
how do i add it to them
for example would this work for the ipv4?
router bgp X0
address-family ipv4
neighbor ibgp-partial peer-group
neighbor ibgp-partial remote-as X0
neighbor ibgp-partial password BGPlab
Thank you
Oh yeas,
and what's the significance if I do not include a password in peer-groups
Solved! Go to Solution.
06-02-2022 05:38 PM
Hi
The document you used as refereence mixed up two differents subjects and made it confuse. Router reflector and peer group are different things.
if you want to use password, you can use the same command in all router.
You can see that the relationship is based on the neighbor peer group and there is no central router.
Another way to configure
device# configure terminal device(config)# router bgp device(config-bgp-router)# local-as 1000 device(config-bgp-router)# neighbor mypeergroup1 peer-group device(config-bgp-router)# neighbor mypeergroup1 remote-as 11 device(config-bgp-router)# neighbor 10.2.2.2 peer-group mypeergroup1 device(config-bgp-router)# neighbor 10.3.3.3 peer-group mypeergroup1
06-02-2022 05:38 PM
Hi
The document you used as refereence mixed up two differents subjects and made it confuse. Router reflector and peer group are different things.
if you want to use password, you can use the same command in all router.
You can see that the relationship is based on the neighbor peer group and there is no central router.
Another way to configure
device# configure terminal device(config)# router bgp device(config-bgp-router)# local-as 1000 device(config-bgp-router)# neighbor mypeergroup1 peer-group device(config-bgp-router)# neighbor mypeergroup1 remote-as 11 device(config-bgp-router)# neighbor 10.2.2.2 peer-group mypeergroup1 device(config-bgp-router)# neighbor 10.3.3.3 peer-group mypeergroup1
06-02-2022 07:27 PM
The lab actually did add a password on the non core router, it was so obscure and defined on only 1 peer group, while the central router had a pass defined on 3 different peer-groups, however I believe doing it this way by defining the pass on the other routers under a single peer group should work.
06-03-2022 07:19 AM
are you finish this task or not ? do you success in auth with peer-group? please inform me, if you success share final config?
06-03-2022 04:44 PM - edited 06-03-2022 04:44 PM
you can call me old still but I need some time to digest the info.,
you mention about auth in Peer-group and how we can assign password
so immediately I put this LAB in my ToDoList LAB, and Now I finish LAB,
here
R1,R2,R3
R1 config with peer-group for R2 & R3
peer-group have password MHM
BUT
peer R3 have different password MHM2
config R2 with password MHM
config R3 with password MHM2
and It WORK,
so as result the neighbor x.x.x.x password is override the peer-group password.
just would you and all other read this post about this case.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide