[FROG] BGP NBR password
hongal
hongal at gmail.com
Thu Aug 13 08:27:54 UTC 2020
Resending:
On Wed, Aug 12, 2020 at 9:33 AM hongal <hongal at gmail.com> wrote:
> Hi Folks,
>
> Starting FRR 7.2 we are seeing one issue with bgp neighbor command.
>
> e.g
> R1 ---------------------------------------R2.
> (md5 password) (no password configured)
>
> R1
> router bgp 64707
> bgp router-id 199.1.1.2
> neighbor 100.17.6.1 remote-as 64708
> neighbor 100.17.6.1 password ******
>
> R2
> router bgp 64708
> bgp router-id 199.1.1.3
> neighbor 100.17.6.2 remote-as 64707
>
> I do see BGP NBR come up with this configuration, even though password
> is not configured on the other side(R2).
>
>
> R1 starts sending TCP syn packet with Tcp options(md5).
> R2 acks without md5 option.(as password is not configured)
> R1 drops md5 option and continue with TCP handshake , TCP is established
> without md5.
> This will continue towards BGP NBR UP.
>
> Would like to know if this is new behavior added or a bug.
>
> Note that,
> 1 if I configure password both side, it works ok, I see md5 option is
> exchanged.
> 2 If I mis-configure password value either side, it fails, which is
> expected.
>
> Thanks
> Thippanna
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20200813/39fb7e37/attachment.htm>
More information about the frog
mailing list