[FROG] BGP NBR password
hongal
hongal at gmail.com
Wed Aug 12 16:33:32 UTC 2020
Hi Folks,
Starting FRR 7.2 we are seeing one issue with bgp neighbor command.
e.g
R1 ---------------------------------------R2.
(md5 password) (no password configured)
R1
router bgp 64707
bgp router-id 199.1.1.2
neighbor 100.17.6.1 remote-as 64708
neighbor 100.17.6.1 password ******
R2
router bgp 64708
bgp router-id 199.1.1.3
neighbor 100.17.6.2 remote-as 64707
I do see BGP NBR come up with this configuration, even though password
is not configured on the other side(R2).
R1 starts sending TCP syn packet with Tcp options(md5).
R2 acks without md5 option.(as password is not configured)
R1 drops md5 option and continue with TCP handshake , TCP is established
without md5.
This will continue towards BGP NBR UP.
Would like to know if this is new behavior added or a bug.
Note that,
1 if I configure password both side, it works ok, I see md5 option is
exchanged.
2 If I mis-configure password value either side, it fails, which is
expected.
Thanks
Thippanna
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20200812/3de50e4b/attachment.htm>
More information about the frog
mailing list