nanog mailing list archives

Re: JunOS/FRR/Nokia et al BGP critical issue

From: Steve Noble <snoble () sonn com>
Date: Wed, 30 Aug 2023 08:29:21 -0700

Tom Beecher wrote on 8/30/23 8:22 AM:

     vendors should adopt RFC7606


Yes

      and not be absolutely awful at responding to vulnerability
    reporting.
1. This isn't exactly new. It's been possible to do this since theoriginal days of BGP.

Literally the first thing that came into my mind was the as-set issuefrom 2 decades ago where some vendors passed it, others dropped sessions..

2. Probably not wise to assume that's accurate just because he thinksthat is true.

On Wed, Aug 30, 2023 at 11:02 AM <jeffm () iglou com<mailto:jeffm () iglou com>> wrote:


    Fair update. To be clear, though, the main point of the article
    stands, and is maybe even strengthened by the update. A corrupted
    attribute def can cause the behavior (personal experience speaking
    here with a different attribute) and vendors should adopt RFC7606
    and not be absolutely awful at responding to vulnerability reporting.

    On Aug 30, 2023 10:43 AM, "Jakob Heitz (jheitz) via NANOG"
    <nanog () nanog org <mailto:nanog () nanog org>> wrote:

        The blog was updated. Correct link:

        https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling

        The attribute was not malformed.

        This is the hex dump of the attribute: “E0 1C 00”

        It is described here.

        https://www.rfc-editor.org/rfc/rfc6790#section-5.2

        This attribute is deprecated, but that does not prevent
        routers from originating it or passing it on.

        Kind Regards,

        Jakob

        ----------------- Original message --------------

        From: Mike Lyon <mike.lyon () gmail com <mailto:mike.lyon () gmail com>>
        To: NANOG list <nanog () nanog org <mailto:nanog () nanog org>>

        Ran across this article today and haven't seen posts about it so i
        figured I would share:

        
https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling?fbclid=IwAR13ePY43Vf3u4X8PDyCDT39DtyXczAKkv6CGXOQbcQv90Y3aIAmTkJxn7k_aem_Ad0hzj2Mh_WlbFZug-vGdlJJdXr2Xo0RFIsPwAU2GviPz6xZDib76YHwFuzU7E0_sJk&mibextid=Zxz2cZ

        Curious if anyone on the list is running VyOS and has
        experienced any problems?

        Cheers,
        Mike

--Mike Lyon

        mike.lyon () gmail com <mailto:mike.lyon () gmail com>
        http://www.linkedin.com/in/mlyon


--
Thank you,
Steven

Current thread:

JunOS/FRR/Nokia et al BGP critical issue Mike Lyon (Aug 30)
- Re: JunOS/FRR/Nokia et al BGP critical issue Mark Prosser (Aug 30)
  - Re: JunOS/FRR/Nokia et al BGP critical issue Jeff Tantsura (Aug 31)
- Re: JunOS/FRR/Nokia et al BGP critical issue William Herrin (Aug 30)
  - Re: JunOS/FRR/Nokia et al BGP critical issue Eugeniu Patrascu (Aug 30)
    - Re: JunOS/FRR/Nokia et al BGP critical issue Tom Beecher (Aug 30)
- <Possible follow-ups>
- Re: JunOS/FRR/Nokia et al BGP critical issue Jakob Heitz (jheitz) via NANOG (Aug 30)
  - Re: JunOS/FRR/Nokia et al BGP critical issue jeffm (Aug 30)
    - Re: JunOS/FRR/Nokia et al BGP critical issue Tom Beecher (Aug 30)
    - Re: JunOS/FRR/Nokia et al BGP critical issue Steve Noble (Aug 30)
  - Re: JunOS/FRR/Nokia et al BGP critical issue Jakob Heitz (jheitz) via NANOG (Aug 30)
    - Re: JunOS/FRR/Nokia et al BGP critical issue Jakob Heitz (jheitz) via NANOG (Aug 30)