Re: mpls ldp authentication question !!

From: hoon lee (hoonlee_73@yahoo.com.au)
Date: Mon Mar 19 2007 - 22:34:24 ART

• Next message: Narbik Kocharians: "Re: LAb Equipment ..."
• Previous message: dagbo: "Re: Port # for TCP applications"
• Maybe in reply to: Dishan Gamage: "mpls ldp authentication question !!"
• Next in thread: Arun Kumar Arumuganainar: "RE: mpls ldp authentication question !!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Dishan,

Just to clarify, your original question was to block other PEs from building LDP neighbor relationship 'without' having ACL setup even you have full IGP connectivities between all PEs.
Is that right?

With that regard, I don't believe massing with IGP to prevent PEs from building LDP neighbors is not very valid solution.

Hoon
CCIE#10648 (R&S)

----- Original Message ----
From: Jian Gu <guxiaojian@gmail.com>
To: Robert McCallum <RMcCallum@thrupoint.net>
Cc: Dishan Gamage <dishanlg@gmail.com>; Cisco certification <ccielab@groupstudy.com>; Cisco certification <comserv@groupstudy.com>
Sent: Tuesday, March 20, 2007 9:29:17 AM
Subject: Re: mpls ldp authentication question !!

Dear senior consultatant,

You are blocking (IGP) adjacency with other one to prevent LDP session from
forming? nice solution.

So is LDP authentication a valid solution or not?

On 3/19/07, Robert McCallum <RMcCallum@thrupoint.net> wrote:
>
> Really? Are you sure? Think about it!! Come on think about this how can
> you stop a router forming an ADJACENCY with the other one? Who cares
> about
> LDP - stop it before ldp even has a chance to get in there.
>
> OR use the new command - bearing in mind I sat my lab over a year ago ;-)
> Robert McCallum
> Senior Consultant
> Mobile : +44(0)7818002241
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > Jian Gu
> > Sent: 19 March 2007 19:47
> > To: Robert McCallum
> > Cc: Dishan Gamage; Cisco certification; Cisco certification
> > Subject: Re: mpls ldp authentication question !!
> >
> > How does IGP global command have anything to do with LDP authentication?
> > you
> > must be mistaken.
> >
> > On 3/19/07, Robert McCallum <RMcCallum@thrupoint.net> wrote:
> > >
> > > Hmm I thought I had replied to this. Oh well - Clue : Check your IGP
> > > Global
> > > commands.
> > >
> > > Robert McCallum
> > > Senior Consultant
> > >
> > > > -----Original Message-----
> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> > Of
> > > > Dishan Gamage
> > > > Sent: 19 March 2007 11:44
> > > > To: Cisco certification; Cisco certification
> > > > Subject: mpls ldp authentication question !!
> > > >
> > > > Hi Group
> > > >
> > > >
> > > >
> > > > I have PE1 & PE2 configured to use md5 for LDP, working fine...
> > > >
> > > > PE1
> > > >
> > > > mpls ldp neighbor 172.16.12.2 password abcdef
> > > >
> > > >
> > > > PE2
> > > >
> > > > mpls ldp neighbor 172.16.12.1 password abcdef
> > > >
> > > >
> > > > the question says to block a new PE (eg PE3), from joining into the
> > mpls
> > > > domain without using an ACL
> > > >
> > > > I see that when PE3 boots up it also establish ldp neighbor
> > > > relationships..................
> > > >
> > > > can someone explain how this can be done ??
> > > >
> > > > tks in advance
> > > > dishan
> > > >
> > > >
> _____________________________________________________________________
> > > > Subscription information:
> http://www.groupstudy.com/list/comserv.html
> > >
> > >
> > >
> > > Note:The information contained in this message may be privileged and
> > > confidential and protected from disclosure . If the reader of this
> > message
> > > is not the
> > > intended recipient, or an employee or agent responsible for delivering
> > > this message to the intended recipient, you are hereby notified that
> any
> > > dissemination, distribution or copying of this communication is
> strictly
> > > prohibited. If you have received this communication in error, please
> > notify
> > > us
> > > immediately by replying to the message and deleting it from your
> > computer.
> > > Thankyou. ThruPoint Ltd.
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > _____________________________________________________________________
> > Subscription information: http://www.groupstudy.com/list/comserv.html
>
>
>
> Note:The information contained in this message may be privileged and
> confidential and protected from disclosure . If the reader of this message
> is not the
> intended recipient, or an employee or agent responsible for delivering
> this message to the intended recipient, you are hereby notified that any
> dissemination, distribution or copying of this communication is strictly
> prohibited. If you have received this communication in error, please notify
> us
> immediately by replying to the message and deleting it from your computer.
> Thankyou. ThruPoint Ltd.

• Next message: Narbik Kocharians: "Re: LAb Equipment ..."
• Previous message: dagbo: "Re: Port # for TCP applications"
• Maybe in reply to: Dishan Gamage: "mpls ldp authentication question !!"
• Next in thread: Arun Kumar Arumuganainar: "RE: mpls ldp authentication question !!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 01 2007 - 06:35:51 ART