MD5'd BGP sessions over IPv6?
Jeroen Massar jeroen at unfix.org
Thu Apr 22 14:44:06 CEST 2004
On Thu, 2004-04-22 at 14:18, James Aldridge wrote: > --On Thursday, 22 April, 2004 11:17 +0200 Jeroen Massar <jeroen at unfix.org> > wrote: > > As RIS is also using Quagga I was wondering if you have implemented > > the MD5 passworded TCP sessions, especially also over IPv6. > > RFC2385 only defines the TCP MD5 Signature for IP version 4. I guess that > the intention was for IPv6 TCP to be protected using other methods such as > IPsec. I don't think that many routers/OS's support IPSEC over IPv6 altough it is one the 'requirements' of IPv6. RFC2385 doesn't specify any IP restrictions though and apparently Juniper and Cisco do MD5 over IPv6, but how exactly is unclear to me... I'll try to adopt the current IPv4 patches to IPv6 as it seems to be only TCP related as they stick the md5 in the option headers of TCP... Greets, Jeroen -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 240 bytes Desc: This is a digitally signed message part Url : https://www.ripe.net/ripe/mail/archives/ris-users/attachments/20040422/7a0077fe/attachment.bin