question on md5 and linux

Wolfgang Hennerbichler wh at univie.ac.at
Thu Jul 9 07:45:44 CEST 2009


On 09.07.2009, at 01:59, Ondrej Zajicek wrote:

> On Wed, Jul 08, 2009 at 10:34:03AM +0200, Wolfgang Hennerbichler  
> wrote:
>> Hi,
>>
>> sorry if this question has been asked 100times before, but I didn't  
>> find
>> a mailing list archive. We (VIX, ACOnet) are taking a look at BIRD  
>> within
>> the following months to use it for various purposes. One of the
>> requirements though (and unfortunately) is to support md5  
>> passwords. I
>> know bird is capable of doing this but as far as my understanding  
>> goes
>> this is something the operating system has to support, too. I know  
>> linux
>> does now have native md5+tcp support in the kernel. Is this supported
>> with BIRD? If so, does anybody have a hint for me how to use it  
>> (for not
>> having to reinvent the wheel) on linux-side?
>
> Just use option 'password' in BGP protocol configuration section.
> Linux kernel is configured by BIRD automatically.

ah, thanks. After reading the docs again it seems obvious, but I may  
have read it too fast :)

> You have to use pretty recent kernel, with enabled CONFIG_TCP_MD5SIG,
> but kernels from current distributions should be enough.

I've just started to compile right now... Once the first BIRD instance  
is in place and I'm satisfied (and I am already way more satisfied  
than with quagga) I will deploy about 5 more instances with different  
tasks, I hope I can give you some feedback.

>> Is there a wiki (other than
>> euro-ix which I know of) where I could add precious information  
>> regarding
>> my work with bird?
>
> There is documentation at http://bird.network.cz/?get_doc&f=bird.html

I've read that, but how should I say - it's a little - thin at some  
corners. Are you willing to setup a wiki for BIRD? It should be great  
to have some place for a community, I am totally willing to provide  
sample configurations and hints for our various setups. If not, I  
would create some notes on my webpage, so this can be helpful for  
others too.

thanks for the bird;
Wolfgang

> -- 
> Elen sila lumenn' omentielvo
>
> Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
> OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3,  
> wwwkeys.pgp.net)
> "To err is human -- to blame it on a computer is even more so."

-- 
www.vix.at | www.aco.net
wh at univie.ac.at | WH844-RIPE
Vienna University Computer Center



More information about the Bird-users mailing list