On Tue, Jan 28, 2020 at 07:57:42PM +0100, Adam KuĊagowski wrote:
Hi,
Is the following configuration supported ?
Hi Probably not. The neighbor address (in this case 0.0.0.0) is passed to kernel in TCP_MD5SIG socket option, but i guess that passing zero address just make it to fail silently. There is also (AFAIK) no way to pass a range to kernel. So probably we should just add configuration check and reject password together with range.
protocol bgp { debug { states, routes, filters, interfaces, events, packets }; debug all; ipv4 { import none; export filter export_bgp; }; local as 65001; neighbor range 0.0.0.0/0 as 65001 internal; #neighbor 10.255.254.3 as 65001 internal; password "12345678"; }
-- Elen sila lumenn' omentielvo Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."