interface (Protocols RIFT)

Syntax

Hierarchy Level

Description

Configure the interfaces for the RIFT protocol.

Options

interface-name

Name of the interface on which the RIFT protocol should be configured.

allowed-authentication-keys (value | [set of values])

(Optional) Specify a single or set of values for allowed interface authentication keys (outer keys).

This allows you to set a set of key IDs that are allowed on this interface as outer security keys.

Range: 1 through 255

bfd-liveness-detection

(Optional) Configure Bidirectional Forwarding Detection (BFD) options. The BFD session is automatically brought up if it is configured on both sides of the session.

Values:
minimum-interval milliseconds
Specify the minimum transmit and receive interval.

Range: 1 through 255,000
multiplier milliseconds
Specify the detection time multiplier.

Range: 1 through 255

check-common-instance-name

(Optional) Enable check for common instance name advertised by neighboring device.

When multiple routing-instances of RIFT are running using the routing-instance statement, then enabling the check-common-instance-name option prevents forming mistaken adjacencies across different routing instances. The RIFT protocol declares links that receive a LIE with mismatched instance name as miscabled.

check-common-subnet

(Optional) Enable check for a common subnet on the neighboring device.

disable

(Optional) Disable the RIFT protocol on the specified interface.

lie-authentication (loose | none | permissive | strict)

(Optional) Specify the method to authenticate received LIEs (outer fingerprint).

Values:

loose	Verify authentication only if present, that is, when the key ID is not 0.
none	Disable authentication checking completely.
permissive	Accept authentication if key identifier is unknown.
strict	Accept authentication only if a key is present and it is valid.

lie-origination-key lie-origination-key

(Optional) Configure the key ID used to protect sent LIEs (outer key). You can configure to set the key used to authenticate LIEs, if required.

Range: 1 through 255

lie-transmit-address

(Optional) Configure the IPv4 or IPv6 IP address on which the link information elements (LIEs) should be sent. See lie-transmit-address for more information.

lie-transmit-port port-number

(Optional) Port on which the link information elements (LIEs) should be transmitted.

Range: 512 through 65535

metric

(Optional) Specify the advertised cost of the RIFT protocol interface.

Range: 1 through 134217727

mode

(Optional) Specify the mode of RIFT protocol interface.

Values:
- active—Run the RIFT protocol without advertising the Gigabit Ethernet interface subnets.
- advertise-subnets—Run the RIFT protocol and advertise the Gigabit Ethernet interface subnets.

no-check-common-instance-name

(Optional) Disable check for common instance name advertised by neighboring device.

no-check-common-subnet

(Optional) Disable check for a common subnet on the neighboring device.

no-relax-three-way-nonce-check

(Optional) Reject LIEs with undefined remote and local nonce in three-way.

relax-three-way-nonce-check

(Optional) Accept LIEs with undefined remote and local nonce in three-way.

This allows relaxation of the specification to accept undefined nonces in three-way state that allows for faster link bring-up after failures, but opens a security attack possibility (reseting adjacencies through replays).

Note:

For maximum performance, the relax-three-way-nonce-check option should be on.

For maximum security when lie-origination-key is used, the relax-three-way-nonce-check option should be on.

tie-receive-port port-number

(Optional) Port on which the topology information elements (TIEs) should be received.

Range: 512 through 65535

Required Privilege Level

routing—To view this statement in the configuration.

routing-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 19.4R1.

ON THIS PAGE