Re: [EXTERNAL] [vpp-dev] VPP Router Plugin or alternatives

Fri, 05 Jul 2019 08:34:25 -0700 

Just a quick note on punting tcp: we can punt TCP flows that do not match a 
configured session but at this time, we can’t punt to a specific node, instead 
they are punted to ip4/6-punt. 

As for TCP-MD5, it could be implemented, but I have my hands full these days. 
And, to rant for a second, why won’t BGP do something decent like TLS? </rant>

Florin

> On Jul 5, 2019, at 6:37 AM, Chris Luke <chris_l...@comcast.com> wrote:
> 
> TCP-MD5 may technically be obsolete, but it’s used widely for protecting BGP 
> sessions in the real world. Noting the comments in 
> https://tools.ietf.org/html/rfc5925#page-35 
> <https://tools.ietf.org/html/rfc5925#page-35> that any AO implementation 
> SHOULD support MD5, I would suggest starting with an RFC 2385 TCP-MD5 
> implementation. It may be legacy, but you need it anyway and it gets you 
> significant real world coverage immediately.
>  
> Chris.
>  
>  
> From: vpp-dev@lists.fd.io <mailto:vpp-dev@lists.fd.io> <vpp-dev@lists.fd.io 
> <mailto:vpp-dev@lists.fd.io>> On Behalf Of Burt Silverman
> Sent: Friday, July 5, 2019 09:09
> To: Jim Thompson <j...@netgate.com <mailto:j...@netgate.com>>
> Cc: Steuer Heribert <ste...@patronas.com <mailto:ste...@patronas.com>>; 
> vpp-dev <vpp-dev@lists.fd.io <mailto:vpp-dev@lists.fd.io>>
> Subject: [EXTERNAL] Re: [vpp-dev] VPP Router Plugin or alternatives
>  
> >TCP-MD5 needs to be implemented in the host stack before a 
> >standards-compliant BGP could be accomplished.
>  
> Or TCP-AO, RFC 5925, instead, as it has obsoleted RFC 2385?
>  
> Burt
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> 
> View/Reply Online (#13453): https://lists.fd.io/g/vpp-dev/message/13453 
> <https://lists.fd.io/g/vpp-dev/message/13453>
> Mute This Topic: https://lists.fd.io/mt/32317374/675152 
> <https://lists.fd.io/mt/32317374/675152>
> Group Owner: vpp-dev+ow...@lists.fd.io <mailto:vpp-dev+ow...@lists.fd.io>
> Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub 
> <https://lists.fd.io/g/vpp-dev/unsub>  [fcoras.li...@gmail.com 
> <mailto:fcoras.li...@gmail.com>]
> -=-=-=-=-=-=-=-=-=-=-=-


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#13455): https://lists.fd.io/g/vpp-dev/message/13455
Mute This Topic: https://lists.fd.io/mt/32318664/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to