| 摘要 |
The present application discloses a security authentication method. The method includes: receiving, by a control plane of a BFD device, a first BFD packet that is sent by a control plane of a peer BFD device; generating, by the control plane, a first token value according to the random nonce; sending, by the control plane, the first token value to a data plane; receiving, by the data plane, a second BFD packet that is sent by a data plane of the peer BFD device, where the second BFD packet carries authentication information, and the authentication information includes a random nonce; and generating, by the data plane, a second token value according to the random nonce included in the authentication information and by using a calculation method the same as that of the control plane, performing comparison to determine whether the second token value is the same as the first token value, and successfully authenticating, by the data plane, the second BFD packet if the first token value and the second token value are the same. An NP of the data plane of the BFD device can also perform security authentication at a relatively high security level. |
