|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: More MD5 fun: Cisco uses wrong MD5 key for old session after key change
On Sat Apr 24, 2004 at 10:21:03PM +0200, sthaug@nethelp.no wrote: > Meanwhile, the new session (with the new MD5 key) is up and all is > well *on that session*. But because the Cisco side keeps logging > these messages, it *looks* like the new session is somehow not > working. > > As far as I can see, the bug here is clearly on the Cisco side. We > will definitely be logging a TAC case about this. Yes - I've noticed this when configuring MD5 on sessions. If I let the old session timeout due to md5 mismatch, and then let it re-establish, then the session seems to work, but continues to log the MD5 errors. Doing a "clear ip bgp <nei>" on my side removes the problem. Simon -- Simon Lockhart | Tel: +44 (0)1628 407720 (x(01)37720) | Si fractum Technology Manager | Fax: +44 (0)1628 407701 (x(01)37701) | non sit, noli BBC Internet Ops | Email: Simon.Lockhart@bbc.co.uk | id reficere BBC Technology, Maiden House, Vanwall Road, Maidenhead. SL6 4UB. UK
|