Tuesday, 7 February 2017

Know Your Options Before Selecting a Routing Protocol

Routers and switches make up the bulk of the network infrastructure and are vulnerable to attack. In a previous article, I talked about some of the different ways of hardening your network devices. In this blog, I’d like to specifically examine the routing protocols used on the major Cisco network operating systems.

All the routing protocols have the option to authenticate the neighbors (other routers) and the routing updates that are being received. Except for Open Shortest Path First version 3 (OSPFv3), all routing protocols have built-in methods to authenticate their peers to confirm the updates are coming from a trusted source. OSPFv3 uses IPv6 native IPsec support to authenticate and/or encrypt the OSPFv3 packets and, therefore, has the strongest security options of any of the routing protocols.

Depending on the version of code and protocol, there are various options for authentication of the routing protocols.

With Routing Information Protocol version 2 (RIPv2), OSPFv2 and Intermediate System to Intermediate System (IS-IS), clear text passwords are still an option, even though they should never be used: anyone capturing the traffic between the devices with a protocol analyzer can read them. The Message Digest 5 (MD5) hashing algorithm is available for all the routing protocols but is considered broken. Still, it remains a better option than clear text passwords and produces a 128-bit digest for authentication.

For Enhanced Interior Gateway Routing Protocol (EIGRP) and Border Gateway Protocol (BGP), MD5 had been the only option for authentication until recently. Secure Hash Algorithm (SHA) is better if your release of code supports it. SHA is a family of hashing algorithms: SHA-0, a 160-bit hash, is stronger than MD5 but is also considered broken. SHA-1, also a 160-bit hash, fixes some of the issues of SHA-0 but has issues of its own. SHA-2, which includes SHA-224, SHA-256, SHA-512, SHA-512/224 and SHA-512/256, is currently considered secure. SHA-3 specifications exist that use the same hash lengths as SHA-2 but different internal operations. A version of SHA is available for BGP, EIGRP and OSPFv2, depending on code and licensing.

Let’s take a closer look at these protocols:

Routing Information Protocol (RIP)

Cisco's implementation of RIPv2 supports two modes of authentication: clear text authentication and Message Digest 5 (MD5) authentication. Clear text authentication is the default when authentication is enabled. Note: RIP version 1 (RIPv1) does not support authentication.

RIPv2 uses a key chain, defined in the global configuration, to set the key string. Key chains are a generic set of keys that can be used by multiple processes on the Cisco router, including RIP, EIGRP, IS-IS, OSPFv2, HSRP and others.

With the introduction of the cryptographic algorithm as an option in the key chain's configuration, you need to make sure the key chain is compatible with the protocol or feature that references it. RIPv2 does not support this option in the key chain it references. For MD5, IOS and IOS-XE require the authentication mode to be set at the interface level.

With IOS-XR, the reference to the key chain and the mode of authentication are done on the same configuration line. With NX-OS (Nexus switches), the mode and reference to the key chain are on separate interface configuration lines.
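The key-chain lifetimes shown in the IOS-XR configurations below decide which key a router signs with and which keys it accepts, whatever protocol references the chain. The following Python model is an added example, not Cisco code: the lowest-key-id send rule, the IOS default that an unconfigured lifetime means "always valid" and the IOS-XR behaviour that such a key is unusable are modelling assumptions, and the rollover dates are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional, Tuple

Lifetime = Optional[Tuple[datetime, Optional[datetime]]]  # (start, end); end None = infinite; None = not configured

@dataclass
class Key:
    key_id: int
    key_string: str
    send: Lifetime = None
    accept: Lifetime = None

def _active(lifetime, now, platform, slack=timedelta(0)):
    """Is a lifetime active at `now`? Assumption: IOS treats an unconfigured lifetime as
    always valid; IOS-XR treats the key as unusable (the note in the RIP section)."""
    if lifetime is None:
        return platform == "ios"
    start, end = lifetime
    if now < start - slack:
        return False
    return end is None or now <= end + slack

def send_key(keys, now, platform="ios"):
    """Key-id used for outgoing updates: lowest key-id whose send-lifetime is active (assumption)."""
    for k in sorted(keys, key=lambda k: k.key_id):
        if _active(k.send, now, platform):
            return k.key_id
    return None

def accepted_keys(keys, now, platform="ios", accept_tolerance=0):
    """Key-ids accepted on received updates. accept_tolerance widens each
    accept-lifetime by that many seconds at both ends; None models the IOS-XR
    'accept-tolerance infinite' setting (every configured key is accepted)."""
    if accept_tolerance is None:
        return {k.key_id for k in keys}
    slack = timedelta(seconds=accept_tolerance)
    return {k.key_id for k in keys if _active(k.accept, now, platform, slack)}

# Constructed rollover: key 1 stops being sent at 01:00 on 1 Feb 2017 and key 2 takes
# over; the accept windows overlap so peers with skewed clocks still authenticate.
T = datetime
CHAIN = [
    Key(1, "C1sc0", send=(T(2017, 1, 1, 1), T(2017, 2, 1, 1)),
        accept=(T(2017, 1, 1, 1), T(2017, 2, 1, 2))),
    Key(2, "n3wK3y", send=(T(2017, 2, 1, 1), None),
        accept=(T(2017, 1, 31, 23), None)),
]
NO_LIFETIME = [Key(1, "C1sc0")]   # valid forever on IOS, never valid on IOS-XR
```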

IOS/IOS-XE

key chain MyKey
 key 1
  key-string C1sc0
!
interface fastethernet0/1
 ip rip authentication mode md5
 ip rip authentication key-chain MyKey

IOS-XR

key chain MyKey
 accept-tolerance infinite
 key 1
  key-string C1sc0
  send-lifetime 1:00:00 january 1 2017 infinite
  accept-lifetime 1:00:00 january 1 2017 infinite
!
router rip
 interface Gi0/0/0/1
  authentication keychain MyKey mode md5
 !
!
! Note that IOS-XR requires a lifetime configured for the key to be valid

NX-OS

key chain MyKey
 key 1
  key-string C1sc0
!
interface ethernet1/1
 ip rip authentication mode md5
 ip rip authentication key-chain MyKey

Open Shortest Path First version 2 (OSPFv2)

OSPFv2 has supported clear text and MD5 authentication for a long time; HMAC-SHA became an option with RFC 5709. Starting with IOS 15.4T, Cisco supports SHA for authenticating OSPFv2. Prior to 15.4T, the key had to be configured on the interface; now it can be configured within a key chain. As of the writing of this blog, IOS-XR and NX-OS do not support SHA authentication for OSPFv2.

IOS/IOS-XE

interface fastethernet0/1
 ip ospf message-digest-key 1 md5 cisco
!
router ospf 1
 area 0 authentication message-digest
!

or

interface fastethernet0/1
 ip ospf message-digest-key 1 md5 cisco
 ip ospf authentication message-digest

SHA:

key chain MyKey
 key 1
  key-string C1sc0
  cryptographic-algorithm hmac-sha-256
!
interface fastethernet0/1
 ip ospf authentication key-chain MyKey

IOS-XR

key chain MyKey
 accept-tolerance infinite
 key 1
  key-string C1sc0
  send-lifetime 1:00:00 january 1 2017 infinite
  accept-lifetime 1:00:00 january 1 2017 infinite
!
router ospf 1
 area 0
  interface Gi0/0/0/1
   authentication keychain MyKey mode md5
 !

NX-OS

interface ethernet1/1
 ip ospf message-digest-key 1 md5 C1sc0
 ip ospf authentication message-digest

or

key chain MyKey
 key 1
  key-string C1sc0
!
interface ethernet1/1
 ip ospf authentication key-chain MyKey
 ip ospf authentication message-digest

Open Shortest Path First version 3 (OSPFv3)

Unlike the other routing protocols, OSPFv3 takes advantage of the IPv6 it rides on. IPsec is native to IPv6, so rather than reinventing the wheel, OSPFv3 uses it. You can define authentication and/or encryption for the OSPFv3 packets. NX-OS does not presently support authentication for OSPFv3.

IOS/IOS-XE

interface fastethernet1/0
 ipv6 enable
 ipv6 ospf 1 area 0
 ipv6 ospf authentication ipsec spi 500 sha1 <40-hex-digit-key>
! the sha1 key must be 40 hexadecimal digits (32 for md5); <40-hex-digit-key> is a placeholder

or

ipv6 router ospf 1
 area 0 authentication ipsec spi 1000 sha1 <40-hex-digit-key>

IOS-XR

router ospfv3 1
 area 0
  interface gigabitethernet0/0/0/1
   authentication ipsec spi 1000 sha1 <40-hex-digit-key>

Intermediate System Intermediate System (IS-IS)

IS-IS can authenticate at the interface, area or domain level. Prior to RFC 3567, IS-IS only supported clear text authentication. RFC 3567 added the support for MD5 authentication. RFC 5310, “IS-IS Generic Crypto Authentication,” introduces SHA as an authentication algorithm for IS-IS. No version of Cisco network operating systems supports SHA for IS-IS authentication.

On IOS-XR platforms, there are two types of authentication: link-state packets (LSPs) and hellos. IS-IS supports using a key chain to define the key string, or the string can be applied directly on the authentication command. With Nexus, the key string must be defined within a key chain—you cannot define it directly on the authentication command.

IOS/IOS-XE

interface fastethernet1/0
 ip router isis
 isis password C1sc0

or

key chain MyKey
 key 1
  key-string C1sc0
!
interface fastethernet0/1
 ip router isis
 isis authentication mode md5
 isis authentication key-chain MyKey

or

router isis
 authentication mode md5
 authentication key-chain MyKey

IOS-XR

router isis 1
 lsp-password hmac-md5 clear C1sc0
 interface gigabitethernet0/0/0/1
  hello-password hmac-md5 clear C1sc0

or

key chain MyKey
 accept-tolerance infinite
 key 1
  key-string C1sc0
  cryptographic-algorithm hmac-md5
  send-lifetime 1:00:00 january 1 2017 infinite
  accept-lifetime 1:00:00 january 1 2017 infinite
!
router isis 1
 lsp-password keychain MyKey
 interface gigabitethernet0/0/0/1
  hello-password keychain MyKey
 !

NX-OS

key chain MyKey
 key 1
  key-string C1sc0
!
interface ethernet1/1
 isis authentication-type md5 level-2
 isis authentication key-chain MyKey level-2

or

router isis
 authentication-type md5 level-2
 authentication key-chain MyKey level-2

Enhanced Interior Gateway Routing Protocol (EIGRP)

EIGRP has been a Cisco protocol since 1993, replacing Cisco's previous protocol, IGRP. In 2013, Cisco released a draft request for comments (RFC) for EIGRP, which was published in 2016 as RFC 7868. Per the RFC, EIGRP supports the authentication types MD5 and SHA. Currently, IOS-XR and NX-OS only support MD5 authentication for EIGRP.

IOS/IOS-XE

IPv4:

key chain MyKey
 key 1
  key-string C1sc0
!
interface fastethernet0/1
 ip authentication mode eigrp 35 md5
 ip authentication key-chain eigrp 35 MyKey

IPv4 SHA:

router eigrp Fred
 address-family ipv4 autonomous-system 35
  af-interface fastethernet0/1
   authentication mode hmac-sha-256 0 C1sc0

IPv6:

key chain MyKey
 key 1
  key-string C1sc0
!
interface fastethernet0/1
 ipv6 authentication mode eigrp 35 md5
 ipv6 authentication key-chain eigrp 35 MyKey

IPv6 SHA:

router eigrp Fred
 address-family ipv6 autonomous-system 35
  af-interface fastethernet0/1
   authentication mode hmac-sha-256 0 C1sc0

IOS-XR

key chain MyKey
 accept-tolerance infinite
 key 1
  key-string C1sc0
  send-lifetime 1:00:00 january 1 2017 infinite
  accept-lifetime 1:00:00 january 1 2017 infinite
!
router eigrp 35
 address-family ipv4
  interface gigabitethernet0/0/0/1
   authentication keychain MyKey
 address-family ipv6
  interface gigabitethernet0/0/0/1
   authentication keychain MyKey

NX-OS

IPv4:

key chain MyKey
 key 1
  key-string C1sc0
!
interface ethernet1/1
 ip authentication mode eigrp 35 md5
 ip authentication key-chain eigrp 35 MyKey

IPv6:

key chain MyKey
 key 1
  key-string C1sc0
!
interface ethernet1/1
 ipv6 authentication mode eigrp 35 md5
 ipv6 authentication key-chain eigrp 35 MyKey

Border Gateway Protocol (BGP)

BGP is a complicated protocol—it has to be. BGP is the only routing protocol able to scale to advertising the hundreds of thousands of routes found on the internet today. BGP is also used to support other applications and protocols such as layer 2 and layer 3 VPNs within an MPLS network. In the public internet, there are individuals that want to be disruptive, hold others hostage or redirect traffic for the purpose of theft. BGP offers authentication, as well as other security options. IOS-XR is the only Cisco network operating system capable of SHA authentication. All the others only use MD5.

If the security of your BGP relationships and updates is a significant concern, you can always peer the neighbors through an IPsec tunnel. Depending on the crypto capability of your release of code, you could see a significant increase in security even though you are not using the protocol's built-in authentication. Let's look at what is available in the protocol itself:

IOS/IOS-XE

router bgp 65001
 neighbor 192.168.5.1 remote-as 65002
 neighbor 192.168.5.1 password C1sc0

IOS-XR

router bgp 65001
 neighbor 192.168.5.1
  remote-as 65002
  password clear C1sc0

SHA:

key chain MyKey
 accept-tolerance infinite
 key 1
  key-string C1sc0
  cryptographic-algorithm hmac-sha1-20
  send-lifetime 1:00:00 january 1 2017 infinite
  accept-lifetime 1:00:00 january 1 2017 infinite
!
! hmac-md5 here would give MD5, not SHA; confirm hmac-sha1-20 is accepted for the BGP keychain in your release
router bgp 65001
 neighbor 192.168.5.1
  remote-as 65002
  keychain MyKey
 !
 !

NX-OS

router bgp 65001
 neighbor 192.168.5.1 remote-as 65002
  password 0 C1sc0
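The password commands above enable the RFC 2385 TCP MD5 signature option on the BGP session. The following Python is an added example, not Cisco code: it computes and verifies that signature for a constructed KEEPALIVE between assumed peers 192.168.5.1 and 192.168.5.2, and shows why a wrong password, a swapped address pair, a tampered byte or a missing option all fail verification.

```python
import hashlib
import hmac
import socket
import struct

def tcp_md5_digest(src_ip, dst_ip, fixed_hdr, options_len, payload, password):
    """RFC 2385 digest: IPv4 pseudo-header (src, dst, zero, proto 6, TCP length),
    the 20-byte TCP header with checksum zeroed and options excluded, the
    segment data, and finally the shared password."""
    tcp_len = len(fixed_hdr) + options_len + len(payload)
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, 6, tcp_len))
    hdr = fixed_hdr[:16] + b"\x00\x00" + fixed_hdr[18:]
    return hashlib.md5(pseudo + hdr + payload + password.encode()).digest()

def build_signed_segment(src_ip, dst_ip, payload, password, src_port=179, dst_port=49152):
    """Sender side: fixed header, MD5 option (kind 19, length 18) padded with two
    NOPs to a 4-byte boundary, then the data. Seq/ack numbers are constructed."""
    options_len = 20
    data_offset = (20 + options_len) // 4          # header length in 32-bit words
    fixed_hdr = struct.pack("!HHIIBBHHH", src_port, dst_port, 1000, 2000,
                            data_offset << 4, 0x18, 65535, 0, 0)   # flags PSH|ACK
    digest = tcp_md5_digest(src_ip, dst_ip, fixed_hdr, options_len, payload, password)
    return fixed_hdr + b"\x13\x12" + digest + b"\x01\x01" + payload

def verify_signed_segment(src_ip, dst_ip, segment, password):
    """Receiver side: find the kind-19 option, recompute over the received bytes and
    compare in constant time. No option means reject, as a password-configured peer does."""
    fixed_hdr = segment[:20]
    hdr_len = (fixed_hdr[12] >> 4) * 4
    options, payload = segment[20:hdr_len], segment[hdr_len:]
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                               # end of option list
            break
        if kind == 1:                               # NOP
            i += 1
            continue
        length = options[i + 1] if i + 1 < len(options) else 0
        if length < 2:                              # malformed option; never loop forever
            return False
        if kind == 19 and length == 18:
            expected = tcp_md5_digest(src_ip, dst_ip, fixed_hdr, len(options), payload, password)
            return hmac.compare_digest(options[i + 2:i + 18], expected)
        i += length
    return False

# Constructed BGP KEEPALIVE: 16-byte all-ones marker, length 19, type 4.
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
```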

It’s clear there are varying degrees of consistency between the Cisco network operating systems when it comes down to authenticating the routing protocols. I’ve examined the options of one router vendor. Consider the additional complexities of a multi-vendor shop with multiple router manufacturers, each with their own way of doing things.

The bottom line is we have to protect our network infrastructure. No matter which routing protocol you use, there are options for how to authenticate the neighbor to ensure the updates are coming from a trusted source. Use the strongest common authentication hashing algorithm you can find. Network technologies evolve, vendors evolve and options evolve, so reexamine periodically what is available and upgrade whenever you have the opportunity.
