openbgpds not talking each other since 8.2-STABLE upgrade
sthaug at nethelp.no
sthaug at nethelp.no
Tue Jan 3 19:36:11 UTC 2012
> Doug, does your kernel have TCP_SIGNATURE option? The patch[*] for
> net/openbgpd can be used as a workaround if it was due to TCP_MD5SIG
> option on the listening sockets.
>
> [*] http://people.allbsd.org/~hrs/FreeBSD/openbgpd.20120104-1.diff
>
> While this is an ugly hack and I will investigate more reasonable
> solution for that, I want to narrow down the cause first. Can anyone
> who are using a 8-STABLE kenrel with TCP_SIGNATURE let me know if
> this works or not?
8-STABLE on several servers, csup'ed only a couple of days ago, with
options TCP_SIGNATURE
options IPSEC
device crypto
device cryptodev
and Quagga bgpd talking to Juniper M/MX routers using MD5 key on the
BGP sessions. No problems.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the freebsd-net
mailing list