just did a cvsup build and portupgrade of a six month old -current i386 system running quagga. quagga cranked to 0.99.8. i got slammed by bgp tcpmd5 requirement.
bgpd[469]: can't set sockopt TCP_MD5SIG 0 to socket 17 bgpd[469]: can't set sockopt TCP_MD5SIG 0 to socket 18 bgpd[469]: can't set sockopt TCP_MD5SIG 0 to socket 22 madly googled and found that i needed to hack kernel for tcp md5 hash, even though i am not using md5 auth (these are not really infrastructure peerings. yes i know better for production). # quagga needs this for MD5 passwords on BGP sessions # options TCP_SIGNATURE options IPSEC #options FAST_IPSEC device crypto device cryptodev FAST_IPSEC turned out to be obsolete, so removed with this kernel, i got a lot of whining about no keys tcp_signature_compute: SADB lookup failed for 666.42.69.96 i restarted quagga, and bgpd left a disk flower bgpd[9808]: BGPd 0.99.8 starting: [EMAIL PROTECTED], [EMAIL PROTECTED] kernel: pid 9808 (bgpd), uid 101: exited on signal 6 which i was too panicked to debug so i went to backup and restored last week's binaries of quagga. things are running, and i am less panicked. enough adrenaline for one day, lemme tell ya. but tell me, what the heck is the correct recipe for a kernel and a quagga build for a bgpd that will play happily together? clue by four please! randy _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
