[74912] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: BCP38 making it work, solving problems

daemon@ATHENA.MIT.EDU (Jon Lewis)
Wed Oct 20 21:50:43 2004

Date: Wed, 20 Oct 2004 21:49:55 -0400 (EDT)
From: Jon Lewis <jlewis@lewis.org>
To: Patrick W Gilmore <patrick@ianai.net>
Cc: nanog@merit.edu
In-Reply-To: <7A351EE7-2262-11D9-9EA9-000A9578BB58@ianai.net>
Errors-To: owner-nanog-outgoing@merit.edu


On Wed, 20 Oct 2004, Patrick W Gilmore wrote:

> Have you actually done the work to see how many packets it takes to
> shut down a session with and without MD5 enabled?  (The question is
> rhetorical, since your post shows that you have not.)

Just a bit more sauce for the goose...enabling MD5 on BGP peers under
certain latest in their train IOS versions will immediately crash IOS.

Guess how I know that?

----------------------------------------------------------------------
 Jon Lewis                   |  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[74912] in North American Network Operators' Group

Re: BCP38 making it work, solving problems

daemon@ATHENA.MIT.EDU (Jon Lewis)Wed Oct 20 21:50:43 2004

daemon@ATHENA.MIT.EDU (Jon Lewis)
Wed Oct 20 21:50:43 2004