North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Internet failures over the next 3 years - slight tangent

  • From: Tony Li
  • Date: Wed Jun 23 02:25:29 1999

> There is already a option in the BGP OPEN message to add authentication on
> a BGP session.  However, the RFC doesn't specify an authenitcation method
> to use.  Of course securing the level 4 BGP session without securing the
> underlying TCP session is a weakness, so there is a proposal to implement
> an MD5 TCP authentication method.  Does anyone know the status of this
> proposal?

Please see RFC 2385.  There are multiple (interoperable) implementations.  All
you have to do is turn it on....

Tony