LDP Authentication authenticates the TCP header, with an MD5 hash value. If there are established TCP peerings between a couple of LDP peers, enabling LDP authentication may require the sessions to be cleared. There are multiple variations to enable authentication, we'll take a look at the base configuration.
CSR2#show mpls ldp neighbor 192.0.2.11 detail
Peer LDP Ident: 192.0.2.11:0; Local LDP Ident 192.0.2.2:0
TCP connection: 192.0.2.11.22453 - 192.0.2.2.646
CSR2
mpls ldp password fallback cisco
XR1
mpls ldp
neighbor
192.0.2.2:0 password clear cisco (070C285F4D06)
CSR2#show mpls ldp neighbor 192.0.2.11 detail
Peer LDP Ident: 192.0.2.11:0; Local LDP Ident 192.0.2.2:0
TCP connection: 192.0.2.11.12625 - 192.0.2.2.646; MD5 on
After enabling authentication, a clearing of the LDP peerings is needed. After the LDP connectivity is re-established, we see that MD5 is on.
CSR2#show mpls ldp neighbor 192.0.2.11 detail
Peer LDP Ident: 192.0.2.11:0; Local LDP Ident 192.0.2.2:0
TCP connection: 192.0.2.11.22453 - 192.0.2.2.646
CSR2
mpls ldp password fallback cisco
XR1
mpls ldp
neighbor
192.0.2.2:0 password clear cisco (070C285F4D06)
CSR2#show mpls ldp neighbor 192.0.2.11 detail
Peer LDP Ident: 192.0.2.11:0; Local LDP Ident 192.0.2.2:0
TCP connection: 192.0.2.11.12625 - 192.0.2.2.646; MD5 on
After enabling authentication, a clearing of the LDP peerings is needed. After the LDP connectivity is re-established, we see that MD5 is on.