Subject: openbgpd 3.7
To: None <tech-net@netbsd.org>
From: Thomas E. Spanjaard <tgen@netphreax.net>
List: tech-net
Date: 01/22/2006 13:59:49
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigDB7851B6B7248D425390898E
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
I have finished my port of OpenBGPd 3.7, with support for TCP MD5
signatures. It's available via subversion from
svn://svn.netphreax.net/openbgpd/branches/openbgpd-3-7 . As I think I
have ironed the problems out, I want others to test, and perhaps include
it in base. Note that IPsec ESP/AH authentication isn't operational yet,
as someone(*cough* riz *cough* ;)) needs to upgrade our IPsec/SA stuff
to what OpenBSD has. Also, you need to run a -current dated post the
17th of January (or rather, have version 1.11 of
src/sys/dist/pf/net/pfvar.h), or patch /usr/include/net/pfvar.h to
include <netinet/in.h> yourself. This way, it works from NetBSD_3.0 and
up, perhaps even some 2.99.x -currents. I have tested it personally on
3.0_STABLE, 3.0_RELEASE, and 3.99.9.
The Makefile is a bit of a kludge, and doesn't set the right
modes/uids/gids on the rcscript and sample bgpd.conf yet (the
'etcinstall' target). This code will go once openbgpd is integrated in base.
For TCP MD5 signatures, be sure to run a kernel with options IPSEC or
FAST_IPSEC and options TCP_SIGNATURE. The key is set by bgpd itself, and
configured from /etc/bgpd.conf, instead of setkey(8) incantations quagga
currently seems to require.
I have also posted this on http://blog.onetbsd.de/.
Cheers,
--
Thomas E. Spanjaard
tgen@netphreax.net
--------------enigDB7851B6B7248D425390898E
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (NetBSD)
iD8DBQFD04/Z6xCMwBJ+1+sRA0QuAJ40fqogpCZnFa4no5a920Wo+SO28ACfUWB9
6ICmhXNm7SalU4Tvwua6tmw=
=5hul
-----END PGP SIGNATURE-----
--------------enigDB7851B6B7248D425390898E--