[c-nsp] RIP and MD5 problem

Maxim Tuliuk mt at primats.org.ua
Sat Aug 27 07:12:52 EDT 2005 

Some time ago, I tried to use md5-auth between cisco and quagga for rip and
ospf, but... two-day debugging got nothing. In the end, I set up filterring
ospf-like protocol/addressess with firewall and forgot about inequality
between quaaga and cisco

On Fri, Aug 26, 2005 at 11:50 +0200, Thomas Braun wrote:
> Hi,
> 
> >I see Quagga is sending MD5  encrypted Data but the Cisco isn't sending
> >authentication data.
> >Without using authentication there is no problem.
> >  
> >
> Nobody has tried it or is using md5 authentication with rip on IOS
> 12.2.25S5?
> I haven't found a rip + md5 bug on the Cisco site.
> 
> Here is a sh ip proto output
> Routing Protocol is "rip"
>   Sending updates every 30 seconds, next due in 26 seconds
>   Invalid after 180 seconds, hold down 180, flushed after 240
>   Outgoing update filter list for all interfaces is not set
>   Incoming update filter list for all interfaces is not set
>     GigabitEthernet0/2.133 filtered by (prefix-list) TEST
>   Redistributing: rip
>   Default version control: send version 2, receive version 2
>     Interface             Send  Recv  Triggered RIP  Key-chain
>     GigabitEthernet0/2.13 2     2                    TEST
>   Automatic network summarization is not in effect
>   Maximum path: 4
>   Routing for Networks:
>     212.117.87.0
>   Passive Interface(s):
> 
> debug ip rip from cisco  tells  me :
> Aug 26 11:46:32.502: RIP: received packet with MD5 authentication
> Aug 26 11:46:32.502: RIP: ignored v2 packet from X.X.87.147 (invalid
> authentication)
> Aug 26 11:46:33.930: RIP: sending v2 update to 224.0.0.9 via
> GigabitEthernet0/2.133 (X.X.87.145)
> 
> debug ip rip from the quagga site tells me:
> RIP: RIPv2 authentication failed: no authentication in packet
> 
> And in the captured packte is no md5 authentication coming from the cisco.
> 
> Thanks thomas
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

-- 
Maxim Tuliuk
WWW: http://primats.org.ua/~mt/
ICQ: 21134222

The bike is absolute freedom of moving

More information about the cisco-nsp mailing list