Project

General

Profile

Actions

Bug #8407

closed

FRR BGP MD5 support is broken

Added by Anonymous almost 6 years ago. Updated over 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Routing
Target version:
Start date:
03/31/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.3
Affected Architecture:

Description

This is a continuation of #7969

I recently upgraded some systems from 2.3.5 to 2.4.3 and found that FRR BGP MD5 support is now broken. When the outgoing interface is physical / LAGG it was sufficient to enable hardware checksum support to fix the issue. When the outgoing interface is an OpenVPN tunnel there is no such option, so BGP MD5 support is still broken.

I did several tests to confirm the above with peers on 2.3.5 and on 2.4.3.

A new patch in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223835 seems to fix this problem for any interface type by removing the hardware checksum requirement.

Can we have that patch included?


Files

pfsense2.4.4_01 Jul. 05 11.52.jpg (123 KB) pfsense2.4.4_01 Jul. 05 11.52.jpg Andrew Dul, 07/06/2018 11:37 AM
Actions

Also available in: Atom PDF