[Bug 223835] BGP session not established with md5 password via FRRouting

Fri Nov 24 07:38:36 UTC 2017

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223835

            Bug ID: 223835
           Summary: BGP session not established with md5 password via
                    FRRouting
           Product: Base System
           Version: 11.1-STABLE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: pautina at kharkiv.net

Hello. 
I'm trying to establish BGP session with GOOGLE (AS15169).
Google use md5 password and BGP session always stay on `Connect`.
My configuration `FreeBSD 11.1-STABLE` and ` FRRouting 3.0.2`.

BGP configuration:
```
router bgp 29XXX
 neighbor 185.1.62.69 remote-as 15169
 neighbor 185.1.62.69 description -= GOOGLE =-
 neighbor 185.1.62.69 password some_password
 address-family ipv4 unicast
  neighbor 185.1.62.69 soft-reconfiguration inbound
  neighbor 185.1.62.69 route-map RM-4-BGP-GOOGLE-IN in
  neighbor 185.1.62.69 route-map RM-4-BGP-GOOGLE-OUT out

```
```
show ip bgp summary
BGP router identifier 192.XXX.XX.1, local AS number 29XXXvrf-id 0
BGP table version 1591061
RIB entries 1216045, using 158 MiB of memory
Peers 23, using 323 KiB of memory
Peer groups 4, using 288 bytes of memory

Neighbor        V         AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down
State/PfxRcd
185.1.62.69     4      15169       0       0        0    0    0    never     
Connect

```
and debug log for this peer:
```
2017/11/23 16:23:58 BGP: 185.1.62.69 went from Active to Idle
2017/11/23 16:23:59 BGP: 185.1.62.69 [FSM] Timer (start timer expire).
2017/11/23 16:23:59 BGP: 185.1.62.69 [FSM] BGP_Start (Idle->Connect), fd -1
2017/11/23 16:23:59 BGP: 185.1.62.69 [Event] Connect start to 185.1.62.69 fd 36
2017/11/23 16:23:59 BGP: 185.1.62.69 [FSM] Non blocking connect waiting result,
fd 36
2017/11/23 16:23:59 BGP: 185.1.62.69 went from Idle to Connect
2017/11/23 16:24:02 BGP: 185.1.62.69 [FSM] BGP_Stop (Connect->Idle), fd 36
2017/11/23 16:24:02 BGP: 185.1.62.69 went from Connect to Idle
2017/11/23 16:24:03 BGP: 185.1.62.69 [FSM] Timer (start timer expire).
2017/11/23 16:24:03 BGP: 185.1.62.69 [FSM] BGP_Start (Idle->Connect), fd -1
2017/11/23 16:24:03 BGP: 185.1.62.69 [Event] Connect start to 185.1.62.69 fd 36
2017/11/23 16:24:03 BGP: 185.1.62.69 [FSM] Non blocking connect waiting result,
fd 36
2017/11/23 16:24:03 BGP: 185.1.62.69 went from Idle to Connect
```
I'm also have rebuild my kernel this support IPSEC:

```
options         IPSEC                   # IP (v4/v6) security
options         IPSEC_SUPPORT           # Allow kldload of ipsec and tcpmd5
options         TCP_OFFLOAD             # TCP offload
# The crypto framework is required by IPSEC
device          crypto                  # Required by IPSEC
device          cryptodev
options         TCP_SIGNATURE
```
setup ipsec key:
```
cat /etc/ipsec.conf
flush;
add 185.1.62.241 185.1.62.69 tcp 0x1000 -A tcp-md5 "some_password";
```
What is not right, help, please.

-- 
You are receiving this mail because:
You are the assignee for the bug.