Hi Ondrej, > The first one is RIP request, rest are RIP responses. Quagga apparently do > not sign RIP requests. They are optional, so it is not a big problem, but > AFAIK they should be signed and verified in the same way as RIP requests.
OK. Yes, the whole communication process to be encrypted sounds more adequate. On Tue, Jun 28, 2016 at 12:22 PM, Ondrej Zajicek <[email protected]> wrote: > On Thu, Jun 23, 2016 at 04:04:48PM +0200, Alexander Velkov wrote: > > Hello again, > > > > Error 1: > > > > You are right, it seems that quagga (ripd) really sends two packets when > it > > starts - the first one is unencrypted with metric 16, the others are > > properly encrypted. > > The first one is RIP request, rest are RIP responses. Quagga apparently do > not sign RIP requests. They are optional, so it is not a big problem, but > AFAIK they should be signed and verified in the same way as RIP requests. > > -- > Elen sila lumenn' omentielvo > > Ondrej 'Santiago' Zajicek (email: [email protected]) > OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) > "To err is human -- to blame it on a computer is even more so." >
