BGP: can't set sockopt TCP_MD5SIG 0 to socket 16
Nik
nikruzhan at gmail.com
Mon Apr 3 16:27:17 UTC 2006
If that is the case then I only need to recompile my kernel as what Thomas
said. Thanks a lot Thomas & Chuck.
# quagga needs this for MD5 passwords on BGP sessions
options TCP_SIGNATURE
options FAST_IPSEC
device crypto
device cryptodev
On 4/3/06, Chuck Swiger <cswiger at mac.com> wrote:
>
> Nik wrote:
> > I'm curious why I need to enable MD5 because in my system I don't use
> any
> > authentication method. [ ... ]
>
> Using the MD5 signature TCP option for BGP has become a common requirement
> since
> the RST-window vulnerability was published...
>
> --
> -Chuck
>
>
More information about the freebsd-current
mailing list