nanog mailing list archives

Re: MD5 considered harmful


From: Jeff Wheeler <jsw () inconcepts biz>
Date: Fri, 27 Jan 2012 18:43:06 -0500

On Fri, Jan 27, 2012 at 6:35 PM, Keegan Holley
<keegan.holley () sungard com> wrote:
> realizes that it's ok to let gig-e auto-negotiate.  I've never really
> seen MD5 cause issues.

I have run into plenty of problems caused by MD5-related bugs.

6500/7600 can still figure the MSS incorrectly when using it.  It used
to be possible for that particular box to send over-sized frames out
Ethernet ports with MD5 enabled, which of course were likely to be
dropped by the neighboring router or switching equipment (perhaps even
carrier Ethernet equipment.)  Obviously that can be a chore to
troubleshoot.

Sometimes we choose to use it.  Sometimes we don't.

-- 
Jeff S Wheeler <jsw () inconcepts biz>
Sr Network Operator  /  Innovative Network Concepts

