Date: Mon, 1 Jul 1996 14:31:15 -0400 From: Garrett Wollman <wollman@lcs.mit.edu> To: Brian Tao <taob@io.org> Cc: security@freebsd.org Subject: Is "routed -q" necessary? Message-ID: <9607011831.AA09457@halloran-eldar.lcs.mit.edu> In-Reply-To: <Pine.NEB.3.92.960630195358.18686K-100000@zap.io.org> References: <199606302111.RAA23445@ulc199.residence.gatech.edu> <Pine.NEB.3.92.960630195358.18686K-100000@zap.io.org>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Sun, 30 Jun 1996 19:55:57 -0400 (EDT), Brian Tao <taob@io.org> said: > run routed at all? I figured it might help keep the routing tables > down to a manageable size, with static and dynamic IP connections > coming and going all the time. The routing tables are already a manageable size; you don't need to do anything to them at all. (There is, however, a small nit as regards ICMP redirects which `routed' would deal with for you.) You can also run `routed' in ``router discovery'' mode if you so desire, although this doesn't completely exist as yet. Since this is the security list, I would point out that the -current routed(8) does not support RIPv2 security. It should, and I hope that the recently added key(4)/keyadmin(8) facility can be used to handle the key-management functions. (I should probably add a hook in /etc/rc to automatically load any statically-configured keys.) -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9607011831.AA09457>