Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 3 Apr 2006 16:27:13 +0000
From:      Nik <nikruzhan@gmail.com>
To:        "Chuck Swiger" <cswiger@mac.com>
Cc:        current@freebsd.org
Subject:   Re: BGP: can't set sockopt TCP_MD5SIG 0 to socket 16
Message-ID:  <60ffc71f0604030927g3a75f914hf32457fe8934c091@mail.gmail.com>
In-Reply-To: <44312E56.3040606@mac.com>
References:  <60ffc71f0604030126w60070561i9781729205d3790d@mail.gmail.com> <1144055468.15377.12.camel@bert.mlan.solnet.ch> <60ffc71f0604030255h3b418706vfaf51bb5f088dff3@mail.gmail.com> <44312E56.3040606@mac.com>

next in thread | previous in thread | raw e-mail | index | archive | help
If that is the case then I only need to recompile my kernel as what Thomas
said. Thanks a lot Thomas & Chuck.

# quagga needs this for MD5 passwords on BGP sessions
options         TCP_SIGNATURE
options         FAST_IPSEC
device          crypto
device          cryptodev

On 4/3/06, Chuck Swiger <cswiger@mac.com> wrote:
>
> Nik wrote:
> > I'm curious why I need to enable MD5 because in my system I don't use
> any
> > authentication method. [ ... ]
>
> Using the MD5 signature TCP option for BGP has become a common requiremen=
t
> since
> the RST-window vulnerability was published...
>
> --
> -Chuck
>
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60ffc71f0604030927g3a75f914hf32457fe8934c091>