Re: Did your BGP crash today?

[Warren Kumari <warren () kumari net>]

On Aug 27, 2010, at 5:37 PM, bmanning () vacation karoshi com wrote:

>         come on Chris,  is the Internet an experiment or not? :)
>         one would think that a responsible party would have made
>         efforts to let others in the "playground" know they were
>         going to try something different that could have ramifications
>         on an unkown distribution of some code bases.

I'm assuming that they weren't really expecting this to cause  
issues... Where does one draw the line? I'm planning on announcing  
x.y.z.0/20 later in the week -- x, y and z are all prime and the sum  
of all 3 is also a prime. There is a non-zero chance that something  
somewhere will go flooie, shall I send mail now or later?

Also, I would prefer that this gets discovered and dealt with (in this  
case by stopping the announcement :-)) than having folk not willing to  
try things and ending up with a weaponized version...

W


>         I'm not asking my vendor or (in the case of OSS) me to run
>         "full bit sweeps"... but a heads up to some of the known
>         ops lists would have been not only welcome but expected.
>
>         as usual, YMMV
>
> --bill
>
>
> On Fri, Aug 27, 2010 at 04:11:32PM -0400, Christopher Morrow wrote:
> > On Fri, Aug 27, 2010 at 4:07 PM, Mike Gatti <ekim.ittag () gmail com>  
> > wrote:
> > > where's the change management process in all of this.
> > > basically now we are going to starting changing things that can
> > > potentially have an adverse affect on users without letting anyone  
> > > know
> > > before hand .... Interesting concept.
> >
> > you are running bgp, you are connected to the 'internet'... congrats
> > you are part of the experiment.
> >
> > I suppose one view is that "at least it wasn't someone with ill
> > intent, or a misconfigured mikrotek!"
> >
> > (you are asking your vendors to run full bit sweeps of each protocol
> > in a regimented manner checking for all possible edge cases and
> > properly handling them, right?)
> >
> > -chris
> >
> > > On Aug 27, 2010, at 3:33 PM, Dave Israel wrote:
> > >
> > > > On 8/27/2010 3:22 PM, Jared Mauch wrote:
> > > > > When you are processing something, it's sometimes hard to tell  
> > > > > if something
> > > > > just was mis-parsed (as I think the case is here with the  
> > > > > "missing-2-bytes")
> > > > > vs just getting garbage.  Perhaps there should be some way to  
> > > > > "re-sync" when
> > > > > you are having this problem, or a parallel "keepalive" path  
> > > > > similar to
> > > > > MACA/MCAS/MIDCAS/TCAS between the devices to talk when something  
> > > > > bad is
> > > > > happening.
> > > >
> > > > I know it wasn't there originally, and isn't mandatory now, but  
> > > > there is
> > > > an MD5 hash that can be added to the packet.  If the TCP hash  
> > > > checks
> > > > out, then you know the packet wasn't garbled, and just contained
> > > > information you didn't grok.  That seems like enough evidence to  
> > > > be able
> > > > to shrug and toss the packet without dropping the session.
> > > >
> > > > -Dave
> > >
> > > =+=+=+=+=+=+=+=+=+=+=+=+=
> > > Mike Gatti
> > > ekim.ittag () gmail com
> > > =+=+=+=+=+=+=+=+=+=+=+=+=

--
What our ancestors would really be thinking, if they were alive today,  
is: "Why is it so dark in here?"

    -- (Terry Pratchett, Pyramids)