[quagga-dev 1045] Re: [quagga-users 1696] TCP MD5 for BGP and Linux
jeroen at unfix.org
Fri Apr 16 16:55:45 BST 2004
On Fri, 2004-04-16 at 17:02, Rick Payne wrote:
> --On Friday, April 16, 2004 4:59 pm +0200 Jeroen Massar <jeroen at unfix.org>
> > Especially if it can also do IPv6, if not, pass it to me and I'll have a
> > look at it as that might prove very interresting especially for eg my
> > GRH project which is using EBGP multihop sessions even traveling the
> > transatlantic.
> MD5 Protection of TCP segments has not been defined for IPv6, I think. The
> RFC-2385 only discusses ipv4, because I suspect other mechanisms are
> intended to protect ipv6 connections.
Hmmm, but I guess that that would mean IPSEC and that is widely deployed
in IPv6 ;) (not).
Anyhow I did a quick round of questions and googling.
Apparently both Cisco and Juniper support MD5'd BGP sessions in IPv6:
But *how* they implement it is noted nowhere and if done nicely with
extension headers or not is totally in the mist.
I'll raise it on the ipv6 at ietf.org list.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 240 bytes
Desc: This is a digitally signed message part
More information about the Quagga-dev