Santos:CCNA Sec 210-260 OCG

Implement Routing Update Authentication on BGP

Peer authentication with MD5 creates an MD5 digest of each packet sent as part of a BGP session. Specifically, portions of the IP and TCP headers, TCP payload, and a secret key are used to generate the digest.

The created digest is then stored in TCP option Kind 19, which was created specifically for this purpose by RFC 2385. The receiving BGP speaker uses the same algorithm and secret key to regenerate the message digest. If the received and computed digests are not identical, the packet is discarded.

Note

The TCP option Kind 19 (MD5 Signature Option) has been obsoleted by TCP option Kind 29.

Peer authentication with MD5 is configured with the password option to the neighbor BGP router configuration ...

Get Santos:CCNA Sec 210-260 OCG now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Santos:CCNA Sec 210-260 OCG by John Stuppi, Omar Santos

Implement Routing Update Authentication on BGP

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly