* tico <tico-o...@raapid.net> [2009-01-29 18:53]: > The only time I've had a session get "hung down" is once or twice when > running 4.3 and having made several bgpd.conf changes and issuing > "bgpctl reload" several times -- I believe it was regarding changing an > MD5 secret but I can't remember for sure. Either way, I eventually > restarted bgpd at that time and the sessions came right up, and I > haven't seen that behavior occur again after I upgraded to 4.4, but YMMV.
it is still there. I just reproduced and found the root cause two days ago. there is a bug in the ipsec stack (that handles tcpmd5 on openbsd), it is not in bgpd. basically, removing the SAs and re-adding them quickly - as bgpd does when going through idle - fails the re-addition. it is beeing looked into. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam