Touble ospf md5 authentication
Dear, bird-users@atrey.karlin.mff.cuni.cz. Who has a working BIRD 1.2.1 ospf md5 authentication and Cisco? ---Log File------ Mar 16 17:34:52 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 16 17:34:52 vulture2 bird: Bad OSPF packet from 93.125.5.141 - authentification failed ------------------------- ------Configuration----------- protocol ospf MyOSPF { import all; # export all; area 2 { stub no; networks { 93.125.5.128/27; }; interface "vlan200" { priority 0; password "xxxxxx" { id 5; }; authentication cryptographic; }; }; } ------------------------- -- Best regards, Vitaliy Kolodinsky
On Fri, Mar 19, 2010 at 01:57:36PM +0200, Vitaliy Kolodinsky wrote:
Dear, bird-users@atrey.karlin.mff.cuni.cz.
Who has a working BIRD 1.2.1 ospf md5 authentication and Cisco?
---Log File------ Mar 16 17:34:52 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 16 17:34:52 vulture2 bird: Bad OSPF packet from 93.125.5.141 - authentification failed
That is strange, could you send me an output of tcpdump on that packets? (tcpdump -s 0 -x) -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
Dear, Ondrej Zajicek. Вы писали 19 марта 2010 г., 16:05:04:
On Fri, Mar 19, 2010 at 01:57:36PM +0200, Vitaliy Kolodinsky wrote:
Dear, bird-users@atrey.karlin.mff.cuni.cz.
Who has a working BIRD 1.2.1 ospf md5 authentication and Cisco?
---Log File------ Mar 16 17:34:52 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 16 17:34:52 vulture2 bird: Bad OSPF packet from 93.125.5.141 - authentification failed
That is strange, could you send me an output of tcpdump on that packets? (tcpdump -s 0 -x)
16:06:51.521476 IP 93.125.5.138 > 224.0.0.5: OSPFv2, Hello, length: 108 0x0000: 45c0 0090 af0c 0000 0159 c63c 5d7d 058a 0x0010: e000 0005 0201 0048 5d7d 058a 0000 0002 0x0020: 0000 0002 0000 0510 4ba1 5a10 ffff ffe0 0x0030: 000a 1200 0000 0028 5d7d 0587 0000 0000 0x0040: 5d7d 0506 5d7d 0507 5d7d 0586 5d7d 0588 0x0050: 5d7d 058b 5d7d 058c d5b8 e114 6236 9632 0x0060: 077c dcfa 7ea2 cac8 d7c3 af5c 0000 0009 0x0070: 0001 0004 0000 0001 0002 0014 4ba1 5a10 0x0080: 6726 c4b0 26dc 0582 874c 7296 98eb ce77 16:06:53.525031 IP 93.125.5.133 > 224.0.0.5: OSPFv2, Hello, length: 108 0x0000: 45c0 0090 495f 0000 0159 2bef 5d7d 0585 0x0010: e000 0005 0201 0048 5d7d 0506 0000 0002 0x0020: 0000 0002 0000 0510 4ba2 cd13 ffff ffe0 0x0030: 000a 1200 0000 0028 5d7d 0587 0000 0000 0x0040: 5d7d 0507 5d7d 0586 5d7d 0588 5d7d 058a 0x0050: 5d7d 058b 5d7d 058c d5b8 e114 c33e e87d 0x0060: 19f8 6dd2 3892 e4b8 bf9b 70d7 0000 0009 0x0070: 0001 0004 0000 0001 0002 0014 4ba2 cd13 0x0080: 0f41 ed82 0ae3 c693 6428 af08 8a47 3648 16:06:53.896032 IP 93.125.5.139 > 224.0.0.5: OSPFv2, Hello, length: 108 0x0000: 45c0 0090 3e6e 0000 0159 36da 5d7d 058b 0x0010: e000 0005 0201 0048 5d7d 058b 0000 0002 0x0020: 0000 0002 0000 0510 4ba2 61c8 ffff ffe0 0x0030: 000a 1200 0000 0028 5d7d 0587 0000 0000 0x0040: 5d7d 0506 5d7d 0507 5d7d 0586 5d7d 0588 0x0050: 5d7d 058a 5d7d 058c d5b8 e114 0c7d 0dac 0x0060: b3fd fd3d 9916 d949 8efd a327 0000 0009 0x0070: 0001 0004 0000 0001 0002 0014 4ba2 61c8 0x0080: b599 46e0 d304 2213 c442 5821 8e1b c562 16:06:54.470461 IP 93.125.5.135 > 224.0.0.5: OSPFv2, LS-Update, length: 64 0x0000: 45c0 0064 f0b1 0000 0159 84c6 5d7d 0587 0x0010: e000 0005 0204 0040 d5b8 e114 0000 0002 0x0020: 0000 0002 0000 0510 4bac fa49 0000 0001 0x0030: 0e10 2005 0a80 0284 5d7d 0588 8000 0002 0x0040: 4377 0024 ffff ffff 00ff ffff 0000 0000 0x0050: 0000 0000 27a9 7d32 4b03 1f70 625c b1ab 0x0060: 1311 6dc0 16:06:54.471771 IP 93.125.5.134 > 224.0.0.6: OSPFv2, LS-Ack, length: 44 0x0000: 45c0 0050 ba4c 0000 0159 bb3f 5d7d 0586 0x0010: e000 0006 0205 002c 5d7d 0586 0000 0002 0x0020: 0000 0002 0000 0510 0005 5084 0e10 2005 0x0030: 0a80 0284 5d7d 0588 8000 0002 4377 0024 0x0040: fe2a f44a a621 7612 cb02 dfb0 764c 7c4b 16:06:54.543948 IP 93.125.5.135 > 224.0.0.5: OSPFv2, LS-Update, length: 64 0x0000: 45c0 0064 f0b2 0000 0159 84c5 5d7d 0587 0x0010: e000 0005 0204 0040 d5b8 e114 0000 0002 0x0020: 0000 0002 0000 0510 4bac fa4a 0000 0001 0x0030: 0e10 2005 0a80 013b 5d7d 0588 8000 0002 0x0040: 2bd9 0024 ffff ffff 00ff ffff 0000 0000 0x0050: 0000 0000 bfcf ad0e ec4a 8105 a36a c4b4 0x0060: 8e0d 1c1c 16:06:54.712154 IP 93.125.5.141 > 224.0.0.5: OSPFv2, Hello, length: 108 0x0000: 45c0 0090 9e27 0000 0159 d71e 5d7d 058d 0x0010: e000 0005 0201 0048 5d7d 0507 0000 0002 0x0020: 0000 0002 0000 0510 4ba3 661a ffff ffe0 0x0030: 000a 1200 0000 0028 5d7d 0587 0000 0000 0x0040: 5d7d 0506 5d7d 0586 5d7d 0588 5d7d 058a 0x0050: 5d7d 058b 5d7d 058c d5b8 e114 df1f 8fc6 0x0060: 07e8 35a1 7edb 9ec7 6346 7041 0000 0009 0x0070: 0001 0004 0000 0001 0002 0014 4ba3 661a 0x0080: 2514 486c c8c7 7831 b6db bfa6 5196 833a Mar 19 16:06:51 vulture2 bird: MyOSPF: Running ospf_age cleanup Mar 19 16:06:51 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 19 16:06:51 vulture2 bird: Bad OSPF packet from 93.125.5.138 - authentification failed Mar 19 16:06:53 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 19 16:06:53 vulture2 bird: Bad OSPF packet from 93.125.5.133 - authentification failed Mar 19 16:06:53 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 19 16:06:53 vulture2 bird: Bad OSPF packet from 93.125.5.139 - authentification failed Mar 19 16:06:54 vulture2 bird: MyOSPF: LSUPD packet received from 93.125.5.135 via vlan200 Mar 19 16:06:54 vulture2 bird: MyOSPF: length 64 Mar 19 16:06:54 vulture2 bird: MyOSPF: router 213.184.225.20 Mar 19 16:06:54 vulture2 bird: MyOSPF: LSA Type: 0005, Id: 10.128.2.132, Rt: 93.125.5.136, Age: 3600, Seq: 80000002, Sum: 4377 Mar 19 16:06:54 vulture2 bird: MyOSPF: Scheduling routing table calculation Mar 19 16:06:54 vulture2 bird: MyOSPF: Going to remove LSA Type: 0005, Id: 10.128.2.132, Rt: 93.125.5.136, Age: 3600, Seqno: 0x80000002 Mar 19 16:06:54 vulture2 bird: MyOSPF: Starting routing table calculation Mar 19 16:06:54 vulture2 bird: MyOSPF: Starting routing table calculation for area 0.0.0.2 Mar 19 16:06:54 vulture2 bird: Cannot find next hop for LSA (Type: 0001, Id: 93.125.5.6, Rt: 93.125.5.6) Mar 19 16:06:54 vulture2 bird: Cannot find next hop for LSA (Type: 0001, Id: 93.125.5.136, Rt: 93.125.5.136) Mar 19 16:06:54 vulture2 bird: Cannot find next hop for LSA (Type: 0001, Id: 93.125.5.138, Rt: 93.125.5.138) Mar 19 16:06:54 vulture2 bird: Cannot find next hop for LSA (Type: 0001, Id: 93.125.5.139, Rt: 93.125.5.139) Mar 19 16:06:54 vulture2 bird: Cannot find next hop for LSA (Type: 0001, Id: 93.125.5.140, Rt: 93.125.5.140) Mar 19 16:06:54 vulture2 bird: Cannot find next hop for LSA (Type: 0001, Id: 93.125.5.7, Rt: 93.125.5.7) Mar 19 16:06:54 vulture2 bird: MyOSPF: Starting routing table calculation for inter-area (area 0.0.0.2) Mar 19 16:06:54 vulture2 bird: MyOSPF: Starting routing table calculation for ext routes Mar 19 16:06:54 vulture2 bird: MyOSPF: Starting routing table synchronisation Mar 19 16:06:54 vulture2 bird: MyOSPF > ignored 93.125.5.128/27 dev vlan200 Mar 19 16:06:54 vulture2 bird: MyOSPF: LSACK packet sent via vlan200 Mar 19 16:06:54 vulture2 bird: MyOSPF: length 44 Mar 19 16:06:54 vulture2 bird: MyOSPF: router 93.125.5.134 Mar 19 16:06:54 vulture2 bird: MyOSPF: LSA Type: 0005, Id: 10.128.2.132, Rt: 93.125.5.136, Age: 3600, Seq: 80000002, Sum: 4377 Mar 19 16:06:54 vulture2 bird: MyOSPF: LSUPD packet received from 93.125.5.135 via vlan200 Mar 19 16:06:54 vulture2 bird: MyOSPF: length 64 Mar 19 16:06:54 vulture2 bird: MyOSPF: router 213.184.225.20 Mar 19 16:06:54 vulture2 bird: MyOSPF: LSA Type: 0005, Id: 10.128.1.59, Rt: 93.125.5.136, Age: 3600, Seq: 80000002, Sum: 2bd9 Mar 19 16:06:54 vulture2 bird: MyOSPF: Scheduling routing table calculation Mar 19 16:06:54 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 19 16:06:54 vulture2 bird: Bad OSPF packet from 93.125.5.141 - authentification failed -- Best regards, Vitaliy Kolodinsky BYVK-RIPE ISP Atlant Telecom kolodinsky@telecom.by
On Fri, Mar 19, 2010 at 04:15:27PM +0159, Vitaliy Kolodinsky wrote:
Dear, Ondrej Zajicek.
?? ?????? 19 ????? 2010 ?., 16:05:04:
On Fri, Mar 19, 2010 at 01:57:36PM +0200, Vitaliy Kolodinsky wrote:
Dear, bird-users@atrey.karlin.mff.cuni.cz.
Who has a working BIRD 1.2.1 ospf md5 authentication and Cisco?
---Log File------ Mar 16 17:34:52 vulture2 bird: MyOSPF: OSPF_auth: size mismatch (88 vs 124) Mar 16 17:34:52 vulture2 bird: Bad OSPF packet from 93.125.5.141 - authentification failed
That is strange, could you send me an output of tcpdump on that packets? (tcpdump -s 0 -x)
Hmm, it seems that Cisco just sends some trash after the end of OSPF packet. Perhaps it would suffice to remove the check in BIRD, but i personally don't test this compatibility. -- Elen sila lumenn' omentielvo Ondrej 'SanTiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."
participants (2)
-
Ondrej Zajicek -
Vitaliy Kolodinsky