TCP-MD5 may technically be obsolete, but it’s used widely for protecting BGP sessions in the real world. Noting the comments in https://tools.ietf.org/html/rfc5925#page-35 that any AO implementation SHOULD support MD5, I would suggest starting with an RFC 2385 TCP-MD5 implementation. It may be legacy, but you need it anyway and it gets you significant real world coverage immediately.
Chris. From: [email protected] <[email protected]> On Behalf Of Burt Silverman Sent: Friday, July 5, 2019 09:09 To: Jim Thompson <[email protected]> Cc: Steuer Heribert <[email protected]>; vpp-dev <[email protected]> Subject: [EXTERNAL] Re: [vpp-dev] VPP Router Plugin or alternatives >TCP-MD5 needs to be implemented in the host stack before a standards-compliant >BGP could be accomplished. Or TCP-AO, RFC 5925, instead, as it has obsoleted RFC 2385? Burt
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13453): https://lists.fd.io/g/vpp-dev/message/13453 Mute This Topic: https://lists.fd.io/mt/32317374/21656 Group Owner: [email protected] Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
