Date: Thu, 24 Nov 2011 14:41:28 +0200 From: Nikolay Denev <ndenev@gmail.com> To: Borja Marcos <borjam@sarenet.es> Cc: freebsd-net@freebsd.org Subject: Re: Openbgpd incorrectly sets TCP_MD5 on the listen socket, regardless of configuration Message-ID: <5229579D-A711-4804-9E26-7089D89D81DD@gmail.com> In-Reply-To: <F35D19C6-D560-4ED0-A2E3-140E64D0841C@sarenet.es> References: <EE636279-E758-44EA-B5B7-23D66D799E20@sarenet.es> <25CAC0FC-ED0F-42D5-85DC-B7270EFD9814@gmail.com> <F35D19C6-D560-4ED0-A2E3-140E64D0841C@sarenet.es>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 23, 2011, at 2:43 PM, Borja Marcos wrote: > > On Nov 23, 2011, at 9:30 AM, Nikolay Denev wrote: > >> I'm seeing exactly the same problem with Quagga. >> Quagga's bgpd also seem to always set the TCP_MD5 socket option, and newer freebsd 8.2 machines >> don't seem to be able to establish bgp sessions, probably due to the recent TCP_MD5 fixes that enabled >> the TCP_MD5 checksum verification of incoming packets. > > Hmm. A confusion? ;) > > The traces I've just sent show Quagga and Bird working well, OpenBGPD failing. > > > Borja. > Nope, no confusion :) My pair of FreeBSD 8.2 routers fail to establish a BGP session unless I define MD5 password in /etc/ipsec.conf or disable the validation of the digests with the sysctl I mentioned in my previous email. I'm seeing exactly the same tcpdumps, with invalid digest options and empty digest (all zeroes). Regards, Nikolay
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5229579D-A711-4804-9E26-7089D89D81DD>