openbgpds not talking each other since 8.2-STABLE upgrade

Claudio Jeker cjeker at diehard.n-r-g.com
Tue Jan 10 13:23:14 UTC 2012


On Tue, Jan 10, 2012 at 09:01:35AM +0100, Borja Marcos wrote:
> 
> On Jan 10, 2012, at 12:01 AM, Claudio Jeker wrote:
> 
> > Since it is possible to add MD5 for neighbors on config reload and the
> > listening sockets are normally not closed and reopened on config reload it
> > was the easiest to set the MD5 option on all listening sockets no matter
> > what (especially since at that time OpenBSD was the only BSD doing TCP MD5
> > and the always enable was there from the beginning (actually the MD5SUM
> > support was done for/with OpenBGPD)).
> 
> I see, so then the TCP stack should only set and check MD5 signatures
> provided there's a matching CPD entry. Otherwise, using a random key
> doesn't make sense at all. Right? ;)
> 

Yes.
A random key never makes sense since TCP MD5 works with a shared secret.

-- 
:wq Claudio
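
Added example, not part of the original thread and not OpenBGPD or kernel code: a user-space sketch of the RFC 2385 digest, showing why a listener that checks signatures with a random key rejects every peer. The function names, addresses, ports and key are constructed for illustration.

```python
import hashlib, hmac, os, socket, struct

def tcp_md5_digest(src_ip, dst_ip, tcp_header, payload, key):
    # RFC 2385: MD5 over pseudo-header, fixed TCP header (checksum zeroed,
    # options excluded), segment data, then the shared key.
    fixed = bytearray(tcp_header[:20])
    fixed[16:18] = b"\x00\x00"
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, 6, len(tcp_header) + len(payload)))
    return hashlib.md5(pseudo + bytes(fixed) + payload + key).digest()

def build_signed_syn(src_ip, dst_ip, sport, dport, seq, key):
    # Constructed SYN: 20-byte fixed header + 20 bytes of options (data offset 10).
    fixed = struct.pack("!HHIIHHHH", sport, dport, seq, 0,
                        (10 << 12) | 0x02, 65535, 0, 0)
    digest = tcp_md5_digest(src_ip, dst_ip, fixed + bytes(20), b"", key)
    return fixed + bytes([19, 18]) + digest + b"\x01\x00"  # opt 19, len 18, NOP, EOL

def accept_segment(src_ip, dst_ip, segment, key):
    # Receiver side: accept only if option 19 is present and the digest matches.
    if len(segment) < 20:
        return False
    hdr_len = (segment[12] >> 4) * 4
    header, payload = segment[:hdr_len], segment[hdr_len:]
    opts, i = header[20:], 0
    while i < len(opts) and opts[i] != 0:          # 0 = end of option list
        if opts[i] == 1:                           # 1 = NOP, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:  # malformed option length
            return False
        if opts[i] == 19 and opts[i + 1] == 18 and i + 18 <= len(opts):
            expected = tcp_md5_digest(src_ip, dst_ip, header, payload, key)
            return hmac.compare_digest(opts[i + 2:i + 18], expected)
        i += opts[i + 1]
    return False                                   # unsigned segment is dropped

if __name__ == "__main__":
    shared = b"constructed-bgp-secret"             # constructed sample key
    syn = build_signed_syn("192.0.2.1", "192.0.2.2", 40000, 179, 1000, shared)
    print("same key:  ", accept_segment("192.0.2.1", "192.0.2.2", syn, shared))
    print("random key:", accept_segment("192.0.2.1", "192.0.2.2", syn, os.urandom(16)))
```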

