Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 24 Sep 2006 10:20:36 +0300
From:      Mihai Tanasescu <mihai@duras.ro>
To:        freebsd-questions@freebsd.org
Subject:   Openbgpd TCP-MD5
Message-ID:  <451631C4.6040200@duras.ro>

Next in thread | Raw E-Mail | Index | Archive | Help
Hello,


Does anyone know if TCP-MD5 is working with OpenBGP on Freebsd ?


I've got a Freebsd 6.1 system (6.1-RELEASE-p5) on which I've tried both 
openbgpd and openbgpd-devel.
The system has a test session now with a Cisco 3750 equipment.


On the OpenBGPD machine I have setup the Cisco neighbor with the  tcp 
md5sig password option.
On the Cisco machine I have setup the OpenBGPD neighbor with the 
password option.

Upon starting the session the OpenBGPD machine reported pfkey setup failed.

I used setkey to add the following (after adding FAST_IPSEC and TCP-MD5 in the kernel):

add ip-openbgpd ip-cisco-bgp tcp 0x1000 -A tcp-md5 "password I used";

On the Cisco device if I issue a show logg I can see:

%TCP-6-BADAUTH: No MD5 digest from ip-openbgpd(179) to ip-cisco(15581) (RST)

Also the OpenBGPD FreeBSD system displays:

kernel: tcp_signature_compute: SADB lookup failed for ip-cisco


Help wanted:) if possible


Thanks,
Mihai





Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?451631C4.6040200>