nanog mailing list archives
Re: Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5key for old session after key change)
From: Sean Donelan <sean () donelan com>
Date: Sat, 24 Apr 2004 17:32:16 -0400 (EDT)
On Sat, 24 Apr 2004 sthaug () nethelp no wrote:
But as long as the session *is* reset anyway, the current situation is extremely confusing - the log messages (on both Cisco and Juniper) give no indication that the invalid key in question is for an *old* BGP session, no longer active!
That's why I hope Juniper will fix their implementation not to reset the session and to stop using an old key. Once the key is changed, all new packets (including new packets for old sessions) should use the new key, not the old key. You think the bug is on Cisco's side, I think the bug is on Juniper's side. Hence interoperability.
Current thread:
- More MD5 fun: Cisco uses wrong MD5 key for old session after key change sthaug (Apr 24)
- Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5 key for old session after key change) Sean Donelan (Apr 24)
- Re: Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5key for old session after key change) sthaug (Apr 24)
- Re: Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5key for old session after key change) Sean Donelan (Apr 24)
- Re: Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5 key for old session after key change) Paul Jakma (Apr 25)
- Re: Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5key for old session after key change) sthaug (Apr 24)
- Re: More MD5 fun: Cisco uses wrong MD5 key for old session after key change Simon Lockhart (Apr 25)
- Re: More MD5 fun: Cisco uses wrong MD5 key for old session after key change Alexei Roudnev (Apr 25)
- Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5 key for old session after key change) Sean Donelan (Apr 24)