[149058] in North American Network Operators' Group


Re: MD5 considered harmful

daemon@ATHENA.MIT.EDU (Grzegorz Janoszka)
Fri Jan 27 17:12:36 2012

Date: Fri, 27 Jan 2012 23:11:50 +0100
From: Grzegorz Janoszka <Grzegorz@Janoszka.pl>
To: nanog@nanog.org
In-Reply-To: <0B6DEEFE-0049-4223-BB76-4A6A52D929E2@ianai.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 27-01-12 21:52, Patrick W. Gilmore wrote:
> Who would want to reset a BGP that will come back up in 30-90 seconds when you can packet an entire router off the 'Net easier, more quickly, and for a longer period?

+1

Actually, when you have a lot of MD5 BGP sessions coming up at the same
time (a connection to internet exchanges went up), you have longer
convergence time because of higher CPU load. MD5 offers no security
advantages and in some cases it causes more downtime by slowing down
convergence.

-- 
Grzegorz Janoszka

