[j-nsp] Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions?
Saku Ytti
saku at ytti.fi
Wed Sep 27 01:35:18 EDT 2023
On Wed, 27 Sept 2023 at 03:50, Barry Greene via juniper-nsp
<juniper-nsp at puck.nether.net> wrote:
> Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions?
>
> I’m not touching routers right now. I’m wondering if anyone has deployed, your experiences, and thoughts?
For the longest time (like close to decade) no one supported it at
all, not even Juniper, because Juniper implementation was pre-RFC
which was incompatible with RFC.
To my understanding today there is support in Junos, IOS-XE, IOS-XR,
SROS, EOS and VRP. I have no operational experience to share.
--
++ytti
More information about the juniper-nsp
mailing list