Thanks Pawel, Yeah I have this working on FreeBSD and Quagga but Bird / OpenBSD I am struggling with :( . Anyone out there got a working example of the steps required from MD5 authentication for BGP neighbours using Bird on OpenBSD?. Thanks daz On 21 February 2017 at 17:43, Paweł Nastachowski < Pawel.Nastachowski@eu.equinix.com> wrote:

Hi,

sorry my fault, I use setkey on freebsd. Maybe You can try http://man.openbsd.org/ipsec.conf.5

Wiadomość napisana przez Darren Marshall <darren@tuff.org.uk> w dniu 21.02.2017, o godz. 18:35:

Hi Pawel,

Thanks for this , much appreciated , do you know what package set key is part of , I don't have it on my system at the moment!

Cheers daz

On 21 February 2017 at 17:00, Paweł Nastachowski <Pawel.Nastachowski@eu. equinix.com> wrote:

...

Wiadomość napisana przez Darren Marshall <darren@tuff.org.uk> w dniu 21.02.2017, o godz. 17:01:

I'm googling like crazy and can't seem to find an example of how to configure MD5 authentication between BGP peers using Bird running on OpenBSD, does someone out there have a guide for this? The Bird config is straightforward but I'm missing the 'glue' at the OS level! Also does anyone know if the stock Generic kernel supports TCP MD5 signatures out of the box (OpenBSD 6.0) , looking at the kernel config file it would appear it has the option compiled in , anyone know how to check?.

You can use setkey. For example:

cat bgp-md5.conf flush; add 195.182.218.100 195.182.218.39 tcp 0x1000 -A tcp-md5 „password”

and

setkey -f bgp-mf5.conf

— Paweł Nastachowski Technical Manager

EQUINIX | Al. Jerozolimskie 65/79 Warsaw 00-697 Warszawa, Poland E pawel.nastachowski@eu.equinix.com | T +48 22 427 39 98 | M +48 667 383 108 <+48%20667%20383%20108>

HOW ARE WE DOING? <http://www.customersat3.com/csc/equinix> Please click here to Tell Equinix - We're Listening

Equinix.com <http://www.equinix.com/> | Twitter <https://twitter.com/equinix> | LinkedIn <http://www.linkedin.com/company/equinix> | Facebook <http://www.facebook.com/Equinix> | YouTube <http://www.youtube.com/user/equinixvideos> Equinix (Poland) Sp. z o.o. jest wpisana do Rejestru Przedsiębiorców Krajowego Rejestru Sądowego prowadzonego przez Sąd Rejonowy dla m. st. Warszawy w Warszawie, XII Wydział Gospodarczy, pod numerem KRS 0000295130, NIP 7010109699, REGON 141274596. Kapitał zakładowy spółki wynosi 530.000zł. Equinix (Poland) Sp. z o.o. is entered into the National Court Register maintained by the District Court for the Capital City of Warsaw, XII Economic Department in Warsaw, under KRS number 0000295130, VAT-ID PL7010109699, REGON 141274596.The share capital is PLN 530,000

— Paweł Nastachowski Technical Manager

EQUINIX | Al. Jerozolimskie 65/79 Warsaw 00-697 Warszawa, Poland E pawel.nastachowski@eu.equinix.com | T +48 22 427 39 98 | M +48 667 383 108 <+48%20667%20383%20108>

HOW ARE WE DOING? <http://www.customersat3.com/csc/equinix> Please click here to Tell Equinix - We're Listening

Equinix.com <http://www.equinix.com/> | Twitter <https://twitter.com/equinix> | LinkedIn <http://www.linkedin.com/company/equinix> | Facebook <http://www.facebook.com/Equinix> | YouTube <http://www.youtube.com/user/equinixvideos> Equinix (Poland) Sp. z o.o. jest wpisana do Rejestru Przedsiębiorców Krajowego Rejestru Sądowego prowadzonego przez Sąd Rejonowy dla m. st. Warszawy w Warszawie, XII Wydział Gospodarczy, pod numerem KRS 0000295130, NIP 7010109699, REGON 141274596. Kapitał zakładowy spółki wynosi 530.000zł. Equinix (Poland) Sp. z o.o. is entered into the National Court Register maintained by the District Court for the Capital City of Warsaw, XII Economic Department in Warsaw, under KRS number 0000295130, VAT-ID PL7010109699, REGON 141274596.The share capital is PLN 530,000