tcp-session-parameters
config>router>ldp
Supported on all 7210 SAS platforms as described in this document.
Commands in this context configure parameters for the TCP transport session of an LDP session to a remote peer.
peer-transport ip-address
no peer-transport
config>router>ldp>tcp-session-parameters
Supported on all 7210 SAS platforms as described in this document.
This command configures the peer transport address, which is the destination address of the TCP connection, and not the address corresponding to the LDP LSR ID of the peer.
no peer-transport
Specifies the IPv4 or IPv6 address of the TCP connection to the LDP peer.
auth-keychain name
config>router>ldp>tcp-session-params>peer-transport
Supported on all 7210 SAS platforms as described in this document.
This command configures the TCP authentication keychain to use for the session.
Specifies the name of the keychain, up to 32 characters, to use for the specified TCP session or sessions. This keychain allows the rollover of authentication keys during the lifetime of a session. The peer address must be the TCP session transport address.
authentication-key [authentication-key | hash-key] [hash | hash2]
no authentication-key
config>router>ldp>tcp-session-params>peer-transport
Supported on all 7210 SAS platforms as described in this document.
This command specifies the authentication key to be used between LDP peers before establishing sessions. Authentication uses the MD-5 message-based digest. The peer address must be the TCP session transport address.
The no form of this command disables authentication.
none
Specifies the authentication key. The key can be any combination of ASCII characters up to 16 characters (unencrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
Specifies the hash key. The key can be any combination of up 33 alphanumeric characters. If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.
Keyword to enter the key in an encrypted form. If the hash keyword is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.
Keyword to enter the key in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assigned.
[no] path-mtu-discovery
config>router>ldp>tcp-session-params>peer-transport
Supported on all 7210 SAS platforms as described in this document.
This command enables path MTU discovery for the associated TCP connections. When enabled, the MTU for the associated TCP session is initially set to the egress interface MTU. The DF bit is also set so that if a router along the path of the TCP connection cannot handle a packet of a particular size without fragmenting, it sends back an ICMP message to set the path MTU for the specific session to a lower value that can be forwarded without fragmenting.
no path-mtu-discovery
ttl-security min-ttl-value
no ttl-security
config>router>ldp>tcp-session-params>peer-transport
Supported on all 7210 SAS platforms as described in this document.
This command configures TTL security parameters for incoming packets. When the feature is enabled, BGP/LDP will accept incoming IP packets from a peer only if the TTL value in the packet is greater than or equal to the minimum TTL value configured for that peer. The peer address must be the TCP session transport address.
The no form of this command disables TTL security.
no ttl-security
Specifies the minimum TTL value for an incoming packet.