nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Did your BGP crash today?

From: Thomas Mangin <thomas.mangin () exa-networks co uk>
Date: Sat, 28 Aug 2010 14:51:17 +0200
We had ASN4, AS-PATH and this one. More or less we hit this session reset problem once a year but nothing was done yet 
to change the RFC.

So I am to blame as much as every network engineer to not have pushed for a change or at least a comprehensive 
explanation on the session teardown behaviour is like it is and should not be changed.

It is only our fault for not having dealt with the problem the first time correctly, and will be next time if nothing 
is changed once more.

I agree correctly framed invalid packet should be discarded without tearing the session down.
---
from my iPhone

On 28 Aug 2010, at 14:27, Florian Weimer <fw () deneb enyo de> wrote:


* Raymond Dijkxhoorn:


Not sure if the link was posted allready ...

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml


Cisco posts their advisories to the NANOG list.


'The vulnerability manifests itself when a BGP peer announces a prefix
with a specific, valid but unrecognized transitive attribute. On
receipt of this prefix, the Cisco IOS XR device will corrupt the
attribute before sending it to the neighboring devices. Neighboring
devices that receive this corrupted update may reset the BGP peering
session.'


I'm not sure what you intend to say by quoting this part of the
advisory.  If you think that it's an IOS XR bug which only needs
fixing in IOS XR, you're showing the very attitude which has stopped
us from making the network more resilient to these types of events.
Previous By Date Next
Previous By Thread Next

Current thread: