[prev in list] [next in list] [prev in thread] [next in thread]
List: cisco-nsp
Subject: Re: [c-nsp] Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions?
From: Gert Doering via cisco-nsp <cisco-nsp () puck ! nether ! net>
Date: 2023-09-27 7:05:42
Message-ID: ZRPURnFdNzITTBLD () greenie ! muc ! de
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Hi,
On Wed, Sep 27, 2023 at 08:48:44AM +0800, Barry Greene via cisco-nsp wrote:
> Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions?
Not me. Not sure if my vendors do support it (IOS XR and Arista EOS),
but I do not see significant benefit.
TBH, most of our (non-multihop) eBGP sessions do not even deploy MD5, as
the whole password management thing adds another source of operational
friction.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany gert@greenie.muc.de
["signature.asc" (application/pgp-signature)]
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic