More MD5 fun: Cisco uses wrong MD5 key for old session after key change

• Previous message (by thread): More MD5 fun: Cisco uses wrong MD5 key for old session after key change
• Next message (by thread): Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5 key for old session after key change)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat Apr 24, 2004 at 10:21:03PM +0200, sthaug at nethelp.no wrote:
> Meanwhile, the new session (with the new MD5 key) is up and all is
> well *on that session*. But because the Cisco side keeps logging
> these messages, it *looks* like the new session is somehow not
> working.
> 
> As far as I can see, the bug here is clearly on the Cisco side. We
> will definitely be logging a TAC case about this.

Yes - I've noticed this when configuring MD5 on sessions. If I let the
old session timeout due to md5 mismatch, and then let it re-establish,
then the session seems to work, but continues to log the MD5 errors.

Doing a "clear ip bgp <nei>" on my side removes the problem.

Simon
-- 
Simon Lockhart     |   Tel: +44 (0)1628 407720 (x(01)37720) | Si fractum 
Technology Manager |   Fax: +44 (0)1628 407701 (x(01)37701) | non sit, noli 
BBC Internet Ops   | Email: Simon.Lockhart at bbc.co.uk        | id reficere
BBC Technology, Maiden House, Vanwall Road, Maidenhead. SL6 4UB. UK

• Previous message (by thread): More MD5 fun: Cisco uses wrong MD5 key for old session after key change
• Next message (by thread): Juniper failes to change keys (More MD5 fun: Cisco uses wrong MD5 key for old session after key change)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]