Home > Articles > Cisco Certification > CCNP > CCNP Routing and Switching Quick Reference: BGP and Internet Connectivity

CCNP Routing and Switching Quick Reference: BGP and Internet Connectivity

Chapter Description

This chapter provides a quick review of CCNP Routing and Switching exam topics, focusing specifically on Border Gateway Protocol (BGP).

BGP Authentication

BGP supports MD5 authentication between neighbors, using a shared password. It is configured under BGP router configuration mode with the command neighbor {ip-address | peer-group-name} password password. When authentication is configured, BGP authenticates every TCP segment from its peer and checks the source of each routing update. Most ISPs require authentication for their EBGP peers.

Peering succeeds only if both routers are configured for authentication and have the same password. If a router has a password configured for a neighbor, but the neighbor router does not, a message such as the following displays on the console while the routers attempt to establish a BGP session between them:

%TCP-6-BADAUTH: No MD5 digest from [peer's IP address]:11003 to
 [local router's IP address]:179

Similarly, if the two routers have different passwords configured, a message such as the following will display on the screen:

%TCP-6-BADAUTH: Invalid MD5 digest from [peer's IP
 address]:11004 to [local router's IP address]:179
7. Verifying BGP | Next Section Previous Section