openbgpds not talking each other since 8.2-STABLE upgrade
sthaug at nethelp.no
sthaug at nethelp.no
Wed Jan 4 13:42:17 UTC 2012
> You are setting the keys with setkey for both directions of a single session, right?
> i.e.:
>
> add X.X.X.X Y.Y.Y.Y tcp 0x1000 -A tcp-md5 "SomePass";
> add Y.Y.Y.Y X.X.X.X tcp 0x1000 -A tcp-md5 "SomePass";
>
> As before it was only needed to set the "outgoing" direction key, which should not work anymore unless
> net.inet.tcp.signature_verify_input is zero.
Are you sure? I have net.inet.tcp.signature_verify_input = 1 and only
one line in /etc/ipsec.conf for each BGP session using MD5 keys, on
8.2-STABLE.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the freebsd-net
mailing list