[Bug 223835] BGP session not established with md5 password via FRRouting
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Nov 24 07:38:36 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223835
Bug ID: 223835
Summary: BGP session not established with md5 password via
FRRouting
Product: Base System
Version: 11.1-STABLE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: pautina at kharkiv.net
Hello.
I'm trying to establish BGP session with GOOGLE (AS15169).
Google use md5 password and BGP session always stay on `Connect`.
My configuration `FreeBSD 11.1-STABLE` and ` FRRouting 3.0.2`.
BGP configuration:
```
router bgp 29XXX
neighbor 185.1.62.69 remote-as 15169
neighbor 185.1.62.69 description -= GOOGLE =-
neighbor 185.1.62.69 password some_password
address-family ipv4 unicast
neighbor 185.1.62.69 soft-reconfiguration inbound
neighbor 185.1.62.69 route-map RM-4-BGP-GOOGLE-IN in
neighbor 185.1.62.69 route-map RM-4-BGP-GOOGLE-OUT out
```
```
show ip bgp summary
BGP router identifier 192.XXX.XX.1, local AS number 29XXXvrf-id 0
BGP table version 1591061
RIB entries 1216045, using 158 MiB of memory
Peers 23, using 323 KiB of memory
Peer groups 4, using 288 bytes of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
185.1.62.69 4 15169 0 0 0 0 0 never
Connect
```
and debug log for this peer:
```
2017/11/23 16:23:58 BGP: 185.1.62.69 went from Active to Idle
2017/11/23 16:23:59 BGP: 185.1.62.69 [FSM] Timer (start timer expire).
2017/11/23 16:23:59 BGP: 185.1.62.69 [FSM] BGP_Start (Idle->Connect), fd -1
2017/11/23 16:23:59 BGP: 185.1.62.69 [Event] Connect start to 185.1.62.69 fd 36
2017/11/23 16:23:59 BGP: 185.1.62.69 [FSM] Non blocking connect waiting result,
fd 36
2017/11/23 16:23:59 BGP: 185.1.62.69 went from Idle to Connect
2017/11/23 16:24:02 BGP: 185.1.62.69 [FSM] BGP_Stop (Connect->Idle), fd 36
2017/11/23 16:24:02 BGP: 185.1.62.69 went from Connect to Idle
2017/11/23 16:24:03 BGP: 185.1.62.69 [FSM] Timer (start timer expire).
2017/11/23 16:24:03 BGP: 185.1.62.69 [FSM] BGP_Start (Idle->Connect), fd -1
2017/11/23 16:24:03 BGP: 185.1.62.69 [Event] Connect start to 185.1.62.69 fd 36
2017/11/23 16:24:03 BGP: 185.1.62.69 [FSM] Non blocking connect waiting result,
fd 36
2017/11/23 16:24:03 BGP: 185.1.62.69 went from Idle to Connect
```
I'm also have rebuild my kernel this support IPSEC:
```
options IPSEC # IP (v4/v6) security
options IPSEC_SUPPORT # Allow kldload of ipsec and tcpmd5
options TCP_OFFLOAD # TCP offload
# The crypto framework is required by IPSEC
device crypto # Required by IPSEC
device cryptodev
options TCP_SIGNATURE
```
setup ipsec key:
```
cat /etc/ipsec.conf
flush;
add 185.1.62.241 185.1.62.69 tcp 0x1000 -A tcp-md5 "some_password";
```
What is not right, help, please.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list