Re: BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

Hi all, Here is my latest update on this one and a work around as well. Not great, but it work for now until this bug is fix. To reproduce the problem, you only need to enable: ip tcp selective-ack on your Cisco router and as soon as you will clean the BGP session setup with MD5 on your Ope

Re: BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

Claudio Jeker wrote: On Wed, Oct 05, 2005 at 06:33:05PM -0400, Daniel Ouellet wrote: Now with MD5 configure. We only add tcp md5sig password test on bgpd side and neighbor 66.63.12.108 password test on the Cisco side. With bgpd master Clear session from bgpd side, session com

Re: BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

Claudio Jeker wrote: On Wed, Oct 05, 2005 at 06:33:05PM -0400, Daniel Ouellet wrote: == Without MD5 configure. With bgpd master Clear session from bgpd side, session comes back up right away. Clear session from remote side, session comes back up with delay. With bgpd slav

Re: BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

Claudio Jeker wrote: With bgpd master Clear session from bgpd side, session comes back up right away. Clear session from remote side, session comes back up with delay. With bgpd slave Clear session from bgpd side, session comes back up with delay. Clear session from remote side, session comes ba

Re: BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

On Wed, Oct 05, 2005 at 06:33:05PM -0400, Daniel Ouellet wrote: > More on this with test results, example, setup use, and more details. > > == > > Without MD5 configure. > > With bgpd master > Clear session from bgpd side, session comes back up right away. > Clear session fr

Re: BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

On Wed, Oct 05, 2005 at 06:33:05PM -0400, Daniel Ouellet wrote: > More on this with test results, example, setup use, and more details. > > The short of it is that bgpd will not establish an MD5 connection as > slave ever! So, if you do get an MD5 session in normal operation, it may > well not s

Re: BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

More on this with test results, example, setup use, and more details. The short of it is that bgpd will not establish an MD5 connection as slave ever! So, if you do get an MD5 session in normal operation, it may well not stay stable at all depending of bgp flap and who will try to become maste

BGP session clear by remote end when MD5 is configure AND the session was initiate from OpenBSD side failed and do not recover.

I am not sure that this is normal for routers configure with MD5 or not to react like this. Both side can and should be allow to initiate the bgp session. But when the session is not initiate from bgpd, then unexpected results occur. OpenBSD <---> Cisco routers. With MD5. If the session is