[FROG] BGP NBR password

hongal hongal at gmail.com
Tue Aug 25 13:24:49 UTC 2020 

Hi Quentin,
I have attached a pcap file to this email, and also in git hub.
Please let me know if you need any more details.
Thanks

On Fri, Aug 14, 2020 at 10:24 PM hongal <hongal at gmail.com> wrote:

> Thanks Quentin,
> I have created a new issue:
> https://github.com/FRRouting/frr/issues/6921.
>
>
> On Fri, Aug 14, 2020 at 8:42 PM Quentin Young <qlyoung at cumulusnetworks.com>
> wrote:
>
>> Sounds like a bug, please file an issue on GitHub and we'll look into it
>> next week.
>>
>> On Thu, Aug 13, 2020, 4:31 AM hongal <hongal at gmail.com> wrote:
>>
>>> Resending:
>>>
>>> On Wed, Aug 12, 2020 at 9:33 AM hongal <hongal at gmail.com> wrote:
>>>
>>>> Hi Folks,
>>>>
>>>> Starting FRR 7.2 we are seeing one issue with  bgp neighbor command.
>>>>
>>>> e.g
>>>> R1  ---------------------------------------R2.
>>>> (md5 password)                             (no password configured)
>>>>
>>>> R1
>>>> router bgp 64707
>>>>  bgp router-id 199.1.1.2
>>>>  neighbor 100.17.6.1 remote-as 64708
>>>>  neighbor 100.17.6.1 password ******
>>>>
>>>> R2
>>>> router bgp 64708
>>>>  bgp router-id 199.1.1.3
>>>>  neighbor 100.17.6.2 remote-as 64707
>>>>
>>>> I do see BGP NBR come up with this configuration, even though password
>>>> is not configured on the other side(R2).
>>>>
>>>>
>>>> R1 starts sending  TCP syn packet with Tcp options(md5).
>>>> R2 acks without md5 option.(as password is not configured)
>>>> R1 drops md5 option and continue with TCP handshake ,  TCP is
>>>> established without md5.
>>>> This will continue towards BGP NBR UP.
>>>>
>>>> Would like to know if this is new behavior added or a bug.
>>>>
>>>> Note that,
>>>> 1 if I configure password both side, it works ok, I see md5 option is
>>>> exchanged.
>>>> 2  If I mis-configure password value either side, it fails, which is
>>>> expected.
>>>>
>>>> Thanks
>>>> Thippanna
>>>>
>>>>
>>>> _______________________________________________
>>> frog mailing list
>>> frog at lists.frrouting.org
>>> https://lists.frrouting.org/listinfo/frog
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20200825/03a67bdd/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmp.pcap
Type: application/octet-stream
Size: 38122 bytes
Desc: not available
URL: <http://lists.frrouting.org/pipermail/frog/attachments/20200825/03a67bdd/attachment-0001.obj>

More information about the frog mailing list