[c-nsp] ISIS authentication
Adam Vitkovsky
adam.vitkovsky at swan.sk
Fri Sep 21 10:36:54 EDT 2012
Hi
Would it make sense to enable authentication on IIH packets -when running
ISIS over leased Ethernet circuits please?
I was confronted with an advice about authentication on IIH packets as a
base security when running ISIS over leased circuits (e.g. when you order an
Ethernet circuit and you know the provider is doing EoMPLS to get it done
for you).
To me this sounds a bit far fetched right?
Strictly technically speaking e.g. LSP are sent even before the full
adjacency is formed and if those are not encrypted than man in the middle
could alter them somehow so why to bother with IIH pwd in a first place.
I'd like to hear the other's opinion on IGP authentication in the core in
general
Thanks
adam
More information about the cisco-nsp
mailing list