TCP-MD5 may technically be obsolete, but it’s used widely for protecting BGP sessions in the real world. Noting the comments in https://tools.ietf.org/html/rfc5925#page-35 that any AO implementation SHOULD support MD5, I would suggest starting with an RFC 2385 TCP-MD5 implementation. It may be legacy, but you need it anyway and it gets you significant real world coverage immediately.
Chris. From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of Burt Silverman Sent: Friday, July 5, 2019 09:09 To: Jim Thompson <j...@netgate.com> Cc: Steuer Heribert <ste...@patronas.com>; vpp-dev <vpp-dev@lists.fd.io> Subject: [EXTERNAL] Re: [vpp-dev] VPP Router Plugin or alternatives >TCP-MD5 needs to be implemented in the host stack before a standards-compliant >BGP could be accomplished. Or TCP-AO, RFC 5925, instead, as it has obsoleted RFC 2385? Burt
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13453): https://lists.fd.io/g/vpp-dev/message/13453 Mute This Topic: https://lists.fd.io/mt/32317374/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
