Date: Thu, 24 Nov 2011 14:41:28 +0200 From: Nikolay Denev <ndenev@gmail.com> To: Borja Marcos <borjam@sarenet.es> Cc: freebsd-net@freebsd.org Subject: Re: Openbgpd incorrectly sets TCP_MD5 on the listen socket, regardless of configuration Message-ID: <5229579D-A711-4804-9E26-7089D89D81DD@gmail.com> In-Reply-To: <F35D19C6-D560-4ED0-A2E3-140E64D0841C@sarenet.es> References: <EE636279-E758-44EA-B5B7-23D66D799E20@sarenet.es> <25CAC0FC-ED0F-42D5-85DC-B7270EFD9814@gmail.com> <F35D19C6-D560-4ED0-A2E3-140E64D0841C@sarenet.es>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 23, 2011, at 2:43 PM, Borja Marcos wrote: >=20 > On Nov 23, 2011, at 9:30 AM, Nikolay Denev wrote: >=20 >> I'm seeing exactly the same problem with Quagga. >> Quagga's bgpd also seem to always set the TCP_MD5 socket option, and = newer freebsd 8.2 machines >> don't seem to be able to establish bgp sessions, probably due to the = recent TCP_MD5 fixes that enabled >> the TCP_MD5 checksum verification of incoming packets. >=20 > Hmm. A confusion? ;) >=20 > The traces I've just sent show Quagga and Bird working well, OpenBGPD = failing. >=20 >=20 > Borja. >=20 Nope, no confusion :) My pair of FreeBSD 8.2 routers fail to establish a BGP session unless I = define MD5 password in /etc/ipsec.conf or disable the validation of the digests with the sysctl I mentioned in my previous email. I'm seeing exactly the same tcpdumps, with invalid digest options and = empty digest (all zeroes). Regards, Nikolay=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5229579D-A711-4804-9E26-7089D89D81DD>