RIP with MD5 authentication
Alexander Velkov
alvel85 at googlemail.com
Tue Jun 28 13:59:05 CEST 2016
Hi Ondrej,
> The first one is RIP request, rest are RIP responses. Quagga apparently do
> not sign RIP requests. They are optional, so it is not a big problem, but
> AFAIK they should be signed and verified in the same way as RIP requests.
OK. Yes, the whole communication process to be encrypted sounds more
adequate.
On Tue, Jun 28, 2016 at 12:22 PM, Ondrej Zajicek <santiago at crfreenet.org>
wrote:
> On Thu, Jun 23, 2016 at 04:04:48PM +0200, Alexander Velkov wrote:
> > Hello again,
> >
> > Error 1:
> >
> > You are right, it seems that quagga (ripd) really sends two packets when
> it
> > starts - the first one is unencrypted with metric 16, the others are
> > properly encrypted.
>
> The first one is RIP request, rest are RIP responses. Quagga apparently do
> not sign RIP requests. They are optional, so it is not a big problem, but
> AFAIK they should be signed and verified in the same way as RIP requests.
>
> --
> Elen sila lumenn' omentielvo
>
> Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
> OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
> "To err is human -- to blame it on a computer is even more so."
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20160628/15f4c299/attachment.html>
More information about the Bird-users
mailing list