Openbgpd TCP-MD5
Sergey Alexanov
freak at volia.net
Thu Dec 7 07:45:40 PST 2006
Hello,
Seemingly like you don't have rfc 2385 support in your kernel
from /usr/src/sys/conf/NOTES :
# TCP_SIGNATURE adds support for RFC 2385 (TCP-MD5) digests. These are
# carried in TCP option 19. This option is commonly used to protect
# TCP sessions (e.g. BGP) where IPSEC is not available nor desirable.
# This is enabled on a per-socket basis using the TCP_MD5SIG socket option.
# This requires the use of 'device crypto', 'options FAST_IPSEC' or 'options
# IPSEC', and 'device cryptodev'.
#options TCP_SIGNATURE #include support for RFC 2385
Regards,
--
Sergey Alexanov
SA1215-RIPE
freak at volia.net
More information about the freebsd-questions
mailing list