BGP, FreeBSD and password

Alexander V. Chernikov melifaro at ipfw.ru
Mon Aug 22 14:26:41 CEST 2011


On 22.08.2011 16:10, fredrik danerklint wrote:
> ok. I think I've got that part.
>
> But what do I put in the password field in the configuration of the bgp in
> bird?
Any non-empty string should be fine.

>
>
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> fredrik danerklint wrote:
>>> Hi!
>>>
>>> The manual page says:
>>>
>>> password string
>>> Use this password for MD5 authentication of BGP sessions. Default: no
>>> authentication. Password has to be set by external utility (e.g.
>>> setkey(8)) on BSD systems.
>>>
>>> Can someone provide me with an example of how that does work?
>>
>> Presently you need to add
>> options         TCP_SIGNATURE
>> options         IPSEC
>> device          crypto
>>
>> to your kernel configuration
>>
>> After that, TCP MD5 can be configured on per-host basis:
>>
>>
>> 9:55 [1] zfscurr0# echo add 10.0.0.92 10.0.0.5 tcp 0x1000 -A tcp-md5
>> \"secret\" \; | setkey -c
>> 9:55 [1] zfscurr0# setkey -D
>> 10.0.0.92 10.0.0.5
>>          tcp mode=any spi=4096(0x00001000) reqid=0(0x00000000)
>>          A: tcp-md5  73656372 6574
>>          seq=0x00000000 replay=0 flags=0x00000040 state=mature
>>          created: Aug 22 09:55:06 2011   current: Aug 22 09:55:12 2011
>>          diff: 6(s)      hard: 0(s)      soft: 0(s)
>>          last:                           hard: 0(s)      soft: 0(s)
>>          current: 0(bytes)       hard: 0(bytes)  soft: 0(bytes)
>>          allocated: 0    hard: 0 soft: 0
>>          sadb_seq=0 pid=1005 refcnt=1
>>
>>
>> Please see setkey(8) for more information
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v2.0.14 (FreeBSD)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>>
>> iEYEARECAAYFAk5R74sACgkQwcJ4iSZ1q2nQBwCggHj3/NUKoQ6wvSBfQHcKnHAX
>> 6D8AoKBwKBA8fvHGZDBZ3IrT8+kIduqr
>> =14zM
>> -----END PGP SIGNATURE-----
>




More information about the Bird-users mailing list