[quagga-dev 1045] Re: [quagga-users 1696] TCP MD5 for BGP and Linux

Jeroen Massar jeroen at unfix.org
Fri Apr 16 16:55:45 BST 2004

On Fri, 2004-04-16 at 17:02, Rick Payne wrote:
> --On Friday, April 16, 2004 4:59 pm +0200 Jeroen Massar <jeroen at unfix.org> 
> wrote:
> > Especially if it can also do IPv6, if not, pass it to me and I'll have a
> > look at it as that might prove very interresting especially for eg my
> > GRH project which is using EBGP multihop sessions even traveling the
> > transatlantic.
> MD5 Protection of TCP segments has not been defined for IPv6, I think. The 
> RFC-2385 only discusses ipv4, because I suspect other mechanisms are 
> intended to protect ipv6 connections.

Hmmm, but I guess that that would mean IPSEC and that is widely deployed
in IPv6 ;) (not).

Anyhow I did a quick round of questions and googling.
Apparently both Cisco and Juniper support MD5'd BGP sessions in IPv6:


But *how* they implement it is noted nowhere and if done nicely with
extension headers or not is totally in the mist.

I'll raise it on the ipv6 at ietf.org list.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
URL: <http://lists.quagga.net/pipermail/quagga-dev/attachments/20040416/1c36120a/attachment-0001.sig>

More information about the Quagga-dev mailing list