# TCP option for carrying an MD5 [RFC1321] digest



## Eugene42 (Feb 10, 2010)

Hi all,
we are using quagga for BGP with TCP MD5 option. Everything looks good but there is only one 'bug'. When FreeBSD terminates TCP connection  then termination does not go flowlessly.
So, normal tcp connection tearing down procedure:
---FIN--->
<---ACK---
<---FIN---
----ACK--->
The problem is the last ACK coming from FreeBSD does not contain TCP MD5 digest at all. Cisco (our peer) does not accept it and keeps sending FINs hoping to receive ACK with correct MD5 digest. RFC1321 does not say anything about final ACK's whether they should contain MD5 or no. So whose this bug is? Cisco's or FreeBSD's?
Tested on 7.2-RELEASE-p5.
Thanks.
Eugene.


----------



## Eugene42 (Feb 10, 2010)

Sorry, I meant RFC2385 does not say ...


----------

