I only know of one production eBGP deployment (prove me wrong!)
https://labs.ripe.net/author/andrew-gallo/production-deployment-of-tcp-authentication-option/ Happens to be between two routers that I control (but it's still eBGP) I'd love to hear about more deployments There is a github repo with some interop results and config examples https://github.com/TCP-AO/ Please share your experiences On 9/27/2023 10:56 AM, Michael Hare via juniper-nsp wrote:
FWIW, I deployed it for iBGP on MX gear in 20.4 with no concerns for an ASN I manage. No issues in our lab with a mix of 20.4, 21.2 and 22.4, all classic JunOS. I haven't tried it any other scenario. -Michael-----Original Message----- From: juniper-nsp <juniper-nsp-boun...@puck.nether.net> On Behalf Of Barry Greene via juniper-nsp Sent: Tuesday, September 26, 2023 7:50 PM To: juniper-nsp@puck.nether.net Subject: [j-nsp] Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions? Hi Team, Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions? I’m not touching routers right now. I’m wondering if anyone has deployed, your experiences, and thoughts? This is suppose to be the “replacement” for BGP MD5, ‘but’ I’m hearing ….. 1. The Vendors are not supporting yet. Which means a lot of older systems would not be able to support a BGP session with TCP-AO. 2. People have to tried is operationally. Sharing you thoughts would be helpful …... Thanks, Barry _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
