Hi, Don't know if it is still actual for the original poster.
I've been encountered with it in Centos 6. Actually those messages are harmless since TCP just resends the packet with a correct checksum. It seems to be a rhel6 kernel bug to me, not BIRDs. Moving to the recent version didn't help, but to Centos 7 did. Harish Shetty писал 2017-08-22 10:24: > Hi All > > I am using bird-1.4.5-1.el6, we are getting alerted for TCP md5 > authentication failures for almost on all the server's BGP peering with > switches. Error we are seeing as mentioned below. > Jul 17 17:15:29 lca1-s1-csw02.nw.linkedin.com [1] 2017 Jul 17 17:15:29 UTC: > %NETSTACK-3-TCP_MD5_AUTH_FAILURE: netstack [3617] MD5_DIGEST_INVALID:Dropping > packets from src:x.x.x.x.34987,dst:y.y.y.yy.179 > > Jul 17 07:24:28 lca1-e1-csw01-lo0.nw.linkedin.com [2] 2017 Jul 17 07:24:28 > UTC: %NETSTACK-3-TCP_MD5_AUTH_FAILURE: netstack [3640] > MD5_DIGEST_INVALID:Dropping packets from > src:yyyy.yyyy.yyyy.35088,dst:xxxx.xxxx.xxx.179 > > lca1-s1-csw01.nw.linkedin.com [3] 2017 Jul 17 05:01:25 UTC: > %NETSTACK-3-TCP_MD5_AUTH_FAILURE: netstack [3617] MD5_DIGEST_INVALID:Dropping > packets from src:x.x.x.xx.55220,dst:1y.y.y.yy.179 > > we have raised a Case with Cisco and they are saying possible cause would be > " If received packet has got modified in transit, so hash computed at origin > is not matching at the destination". > > Does anyone have seen this type of error before? Is bird causing something > to corrupt the packet? Any solution / way to check and confirm everything > fine at bird is appreciated. > > Regards > > Harish Shetty Links: ------ [1] http://lca1-s1-csw02.nw.linkedin.com [2] http://lca1-e1-csw01-lo0.nw.linkedin.com [3] http://lca1-s1-csw01.nw.linkedin.com
