[j-nsp] Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions?
Michael Hare
michael.hare at wisc.edu
Wed Sep 27 10:56:04 EDT 2023
FWIW, I deployed it for iBGP on MX gear in 20.4 with no concerns for an ASN I manage. No issues in our lab with a mix of 20.4, 21.2 and 22.4, all classic JunOS. I haven't tried it any other scenario.
-Michael
> -----Original Message-----
> From: juniper-nsp <juniper-nsp-bounces at puck.nether.net> On Behalf Of Barry
> Greene via juniper-nsp
> Sent: Tuesday, September 26, 2023 7:50 PM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] Q. Is anyone deploying TCP Authentication Option (TCP-AO) on
> their BGP peering Sessions?
>
> Hi Team,
>
> Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP
> peering Sessions?
>
> I’m not touching routers right now. I’m wondering if anyone has deployed,
> your experiences, and thoughts?
>
> This is suppose to be the “replacement” for BGP MD5, ‘but’ I’m hearing …..
>
> 1. The Vendors are not supporting yet. Which means a lot of older systems
> would not be able to support a BGP session with TCP-AO.
> 2. People have to tried is operationally.
>
> Sharing you thoughts would be helpful …...
>
> Thanks,
>
> Barry
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list