The intermediate system-to-intermediate system (ISIS) protocol is a conventional link state protocol. Based on the ISIS protocol, a neighbor relationship between devices is established and maintained using a hello packet. In a neighbor relationship establishment process to avoid a malicious attack, an authentication mechanism is used for an ISIS packet. When authentication is enabled, two parties that establish a neighbor relationship need to add, into a hello packet, type-length-value (TLV) used for authentication, and are allowed to establish an ISIS neighbor after the authentication succeeds.
Generally, two network devices in an ISIS network are in a bidirectional connection. In some scenarios, if a physical link in one direction is not connected, the network devices are in a unidirectional connection. This scenario is defined in a unidirectional ISIS protocol. In this case, if there is another indirect path between the network devices, neighbor information may be transmitted on the indirect path such that the two network devices are allowed to continue to establish and maintain a neighbor relationship. However, when one of the two network devices that are connected using a unidirectional link (UDL) enables an authentication function while the other one does not enable an authentication function, a neighbor relationship is still normally established. In this way, a security risk between neighbors is brought.