Hi, NANOGers. ] Actual data: Over the past three plus years an organization with on the ] order of a dozen MD5-ized BGP sessions has has multiple down sessions ] due to, for instance, a peer doing standard (for them) password ] rotation and forgetting to inform the organization. Yep, that's a problem - a PROCESS problem. The definition of insanity is repeating the same behavior over and over and expecting a different result. ;) Saying that we've not seen any RST attacks may be correct, but it's not a predictor of future activity. No one can do more than model what may come next. Prior to February 2001 no one had seen massive DDoS either. Anyone still think DDoS isn't a problem? We manage well over 150 peering sessions with MD5 passwords in place. This includes bogon peering, route-server peering, and production traffic peering. This has grown over the past three years. The total number of MD5-related outages: zero. In other words, your mileage may vary. :) Test any feature. Think about how to manage that feature, both in the deployment stage and in steady-state. I don't advocate the use of any feature, be it MD5, MPLS, et al. without careful consideration of the support ramifications of it. Thanks, Rob. -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty);