[Bug 223835] BGP session not established with md5 password via FRRouting
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Feb 28 17:21:19 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223835
--- Comment #34 from Andrey V. Elsukov <ae at FreeBSD.org> ---
> (In reply to Felipe N. Oliva from comment #31)
> > netstat -sp tcp | grep sig
> > 0 packets with matching signature received
> > 0 packets with bad signature received
> > 0 times failed to make signature due to no SA
> > 0 times unexpected signature received
> > 0 times no signature provided by segment
>
> It seems there were not any attempt to use TCP-MD5, probably you need to
> properly configure your BGP daemon.
>
When application wants to use TCP-MD5 signatures, it uses TCP_MD5SIG socket
option to enable this feature. When socket has enabled this feature and no SAs
are presents, or option is enabled and TCP segments have not such option there
will be some counters incremented. In your case application did not enable this
socket option, this is why I think about wrong configuration.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-net
mailing list