RIP with MD5 authentication
Ondrej Zajicek
santiago at crfreenet.org
Tue Jun 28 12:22:55 CEST 2016
On Thu, Jun 23, 2016 at 04:04:48PM +0200, Alexander Velkov wrote:
> Hello again,
>
> Error 1:
>
> You are right, it seems that quagga (ripd) really sends two packets when it
> starts - the first one is unencrypted with metric 16, the others are
> properly encrypted.
The first one is RIP request, rest are RIP responses. Quagga apparently do
not sign RIP requests. They are optional, so it is not a big problem, but
AFAIK they should be signed and verified in the same way as RIP requests.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
More information about the Bird-users
mailing list