Re: RIP authentication / BADAUTH

From: Frank (ocsic@web.de)
Date: Thu Sep 28 2006 - 07:33:20 ART

• Next message: Thomwin Chen: "Re: SFP Ports on Cisco 3560 ?"
• Previous message: Guixi Tong - Contractor: "RE: SFP Ports on Cisco 3560 ?"
• Maybe in reply to: Frank: "RIP authentication / BADAUTH"
• Next in thread: Udo: "Re: RIP authentication / BADAUTH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Michal.Grzybczyk@vattenfall.pl schrieb:

Hi Michal,

thanks. Of coures your right. Just messed that one with the RIP debug.
Of course 179 belongs tp BGP. Haven't seen that.

Frank
>
> Hello,
>
> It is problem known in BGP session with MD5.
> Haven't you got BGP configured on your router as well ?
>
> And on your log I can see :
> [...] from 192.10.1.8 ( 179 )
>
> 179 is BGP TCP port
>
> I guess, it is not a problem with RIP.
>
> -----
> If a router has a password configured for a neighbor, but the neighbor router does not, a message such as the following will appear on the console while the routers attempt to establish a BGP session between them:
>
> %TCP-6-BADAUTH: No MD5 digest from [peer's IP address]:11003 to [local router's
> IP address]:179
> ------
>
>
> Regards,
> Michal Grzybczyk
>
>
>
>
>
> Hi,
>
> two routers talking RIP with MD5 authentication and sometime the message
> "%TCP-6-BADAUTH: No MD5 digest from 192.10.1.8(179) to
> 192.10.1.254(11017) (RST)" appears in the log of one router. The other one is fine. Sometime it seems, that there is a mismatch in Authentication. But not always.
> Has someone an idea? Running c2500-is-l.122-8.T on the router.
>
> Frank
>
>
> Both are configured like this:
>
> interface Vlan28
> ip address 192.10.1.8 255.255.255.0
> ip rip authentication mode md5
> ip rip authentication key-chain RIP
>
>
> interface Ethernet0
> ip address 192.10.1.254 255.255.255.0
> ip rip authentication mode md5
> ip rip authentication key-chain RIP
>
>
>
> Mar 1 00:04:44.511: RIP: received packet with MD5 authentication Mar 1 00:04:44.511: RIP: received v2 update from 192.10.1.8 on Ethernet0
> Mar 1 00:04:44.515: 150.1.3.3/32 via 0.0.0.0 in 1 hops
> Mar 1 00:04:44.519: 150.1.8.0/24 via 0.0.0.0 in 1 hops
> Mar 1 00:04:44.523: 187.1.3.0/24 via 0.0.0.0 in 1 hops
> Mar 1 00:04:44.639: %TCP-6-BADAUTH: No MD5 digest from 192.10.1.8(179) to 192.10.1.254(11017) (RST) Mar 1 00:04:47.263: RIP: sending v2 update to 224.0.0.9 via Ethernet0
> (192.10.1.254)
> Mar 1 00:04:47.267: RIP: build update entries
> Mar 1 00:04:47.271: 205.90.31.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:04:47.275: 220.20.3.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:04:47.279: 222.22.2.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:04:48.635: %TCP-6-BADAUTH: No MD5 digest from 192.10.1.8(179) to 192.10.1.254(11017) (RST) Mar 1 00:04:56.635: %TCP-6-BADAUTH: No MD5 digest from 192.10.1.8(179) to 192.10.1.254(11017) (RST) Mar 1 00:05:11.291: RIP: received packet with MD5 authentication Mar 1 00:05:11.291: RIP: received v2 update from 192.10.1.8 on Ethernet0
> Mar 1 00:05:11.295: 150.1.3.3/32 via 0.0.0.0 in 1 hops
> Mar 1 00:05:11.299: 150.1.8.0/24 via 0.0.0.0 in 1 hops
> Mar 1 00:05:11.303: 187.1.3.0/24 via 0.0.0.0 in 1 hops
> Mar 1 00:05:14.511: RIP: sending v2 update to 224.0.0.9 via Ethernet0
> (192.10.1.254)
> Mar 1 00:05:14.515: RIP: build update entries
> Mar 1 00:05:14.519: 205.90.31.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:05:14.523: 220.20.3.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:05:14.527: 222.22.2.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:05:39.439: RIP: received packet with MD5 authentication Mar 1 00:05:39.443: RIP: received v2 update from 192.10.1.8 on Ethernet0
> Mar 1 00:05:39.443: 150.1.3.3/32 via 0.0.0.0 in 1 hops
> Mar 1 00:05:39.447: 150.1.8.0/24 via 0.0.0.0 in 1 hops
> Mar 1 00:05:39.451: 187.1.3.0/24 via 0.0.0.0 in 1 hops
> Mar 1 00:05:41.279: RIP: sending v2 update to 224.0.0.9 via Ethernet0
> (192.10.1.254)
> Mar 1 00:05:41.283: RIP: build update entries
> Mar 1 00:05:41.287: 205.90.31.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:05:41.291: 220.20.3.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:05:41.295: 222.22.2.0/24 via 0.0.0.0, metric 7, tag 0
> Mar 1 00:06:07.283: RIP: received packet with MD5 authentication Mar 1 00:06:07.287: RIP: received v2 update from 192.10.1.8 on Ethernet0
> Mar 1 00:06:07.291: 150.1.3.3/32 via 0.0.0.0 in 1 hops
> Mar 1 00:06:07.295: 150.1.8.0/24 via 0.0.0.0 in 1 hops
> Mar 1 00:06:07.299: 187.1.3.0/24 via 0.0.0.0 in 1 hops
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Thomwin Chen: "Re: SFP Ports on Cisco 3560 ?"
• Previous message: Guixi Tong - Contractor: "RE: SFP Ports on Cisco 3560 ?"
• Maybe in reply to: Frank: "RIP authentication / BADAUTH"
• Next in thread: Udo: "Re: RIP authentication / BADAUTH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Oct 01 2006 - 16:55:41 ART