CGA Implementation Steps for SeND on Cisco IOS Router

Configuration Steps for CGA Implementation on Cisco IOS Router for SeND

Prev Question Next Question


In order to implement CGA on a Cisco IOS router for SeND, which three configuration steps are required? (Choose three.)



Click on the arrows to vote for the correct answer

A. B. C. D. E. F.


To implement CGA (Cryptographically Generated Addresses) on a Cisco IOS router for SeND (Secure Neighbor Discovery), the following three configuration steps are required:

A. Generate an RSA key pair: An RSA key pair is required for secure communication and message integrity. The key pair consists of a private key and a public key. The private key is kept secret and used for signing messages, while the public key is used for verification.

B. Define a site-wide pre-shared key: A site-wide pre-shared key (PSK) is used to generate the CGA modifier. The PSK is a shared secret between hosts on the same network segment. It should be kept confidential and shared only with authorized hosts.

D. Generate the CGA modifier: The CGA modifier is generated by applying a hash function to the site-wide PSK and other parameters, such as the interface identifier and prefix length. The modifier is used to generate the CGA by combining it with the public key of the router.

E. Assign a CGA link-local or globally unique address to the interface: Once the CGA is generated, it can be assigned to the router's interface as a link-local or globally unique address. The CGA ensures that the address is unique and cryptographically secure.

Therefore, the correct answers are A, B, and D.

C and F are not necessary steps for implementing CGA on a Cisco IOS router for SeND. Defining a hash or encryption algorithm is not required because the router already supports the necessary algorithms. Additionally, defining an encryption algorithm is not required for generating a CGA modifier.