[prev in list] [next in list] [prev in thread] [next in thread]
List: quagga-users
Subject: [quagga-users 12293] Removing RIPv1 (was: Torus network and Quagga)
From: "Tyler J. Wagner" <tyler () tolaris ! com>
Date: 2011-05-18 4:42:27
Message-ID: 1305693747.16818.3.camel () baal
[Download RAW message or body]
On Tue, 2011-05-17 at 21:03 +0100, Nick Hilliard wrote:
> Meanwhile, the default configuration on quagga is to accept both ripv1 and
> ripv2 announcements. This is really broken behaviour because ripv1 is a
> fundamentally broken protocol which cannot be fixed. So if you configure
> up a rip router on your quagga installation, by default you are listen for
> v1 probably without knowing it, and consequently you are running the risk
> of introducing unintentional breakage into your network if someone happens
> to stick a ripv1 speaker on your net. There's no authentication support
> and no access-list support in quagga to filter this out either.
I agree that defaulting to listen for RIPv1 is a mistake and that should
be fixed. But there is no reason to remove support altogether, for the
reasons Lennart made clear.
While Quagga doesn't have filter/ACL support, I use iptables for this
purpose and it works fine.
Regards,
Tyler
--
"A society that will trade a little order for a little freedom will
lose both, and deserve neither."
-- Thomas Jefferson
_______________________________________________
Quagga-users mailing list
Quagga-users@lists.quagga.net
http://lists.quagga.net/mailman/listinfo/quagga-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic