nanog mailing list archives
Re: JunOS/FRR/Nokia et al BGP critical issue
From: Nick Hilliard <nick () foobar org>
Date: Fri, 1 Sep 2023 11:54:57 +0100
Bjørn Mork wrote on 01/09/2023 10:52:
> But there's obviously not been enough thought applied to realize that optional transitive attributes must be considered evil by default. They can only be used after extremely careful parsing. This is the BGP version of
>
> select * from mytable where field = $unvalidated_user_input;
it's not really. If the receiving BGP stack understands the attribute, then it should be parsed as default, i.e. carefully. Unfortunately, junos slipped up on this and didn't validate the input correctly, which is a parsing bug. Param validation bugs happen. They shouldn't happen, but they do.
If an intermediate router doesn't understand a transitive attribute, it should be ignored, and life should move on.
The problems arise in two situations:

1. malformed attribute, i.e. this situation.

2. vendors squatting path attribute values which are then assigned for other purposes. This is a subset of #1, but is messy and difficult to rectify when it happens. Great for fuzzing, not so good for production networks.

Nick
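
The attribute handling discussed in this message, as an added sketch that is not part of the original post and is not any vendor's code: it walks a path-attribute block using the RFC 4271 flag bits, validates the types it understands, passes unrecognised optional transitive attributes along with the Partial bit set, and rejects anything whose framing or value is malformed. The function and class names, the small set of "understood" types, and the sample bytes (including the unrecognised type codes 250 and 251) are assumptions made for the example; what the caller does with a `Malformed` error is left open.

```python
import struct

# Attribute flag bits, RFC 4271 section 4.3
OPTIONAL, TRANSITIVE, PARTIAL, EXT_LEN = 0x80, 0x40, 0x20, 0x10

# Validators for the few attribute types this sketch "understands"
KNOWN = {
    1: lambda v: len(v) == 1 and v[0] in (0, 1, 2),  # ORIGIN
    3: lambda v: len(v) == 4,                        # NEXT_HOP
    4: lambda v: len(v) == 4,                        # MULTI_EXIT_DISC
    5: lambda v: len(v) == 4,                        # LOCAL_PREF
}

class Malformed(ValueError):
    """Raised for any attribute that fails framing or value validation."""

def walk_attributes(buf):
    """Return [(type, action, flags, value)] for a path-attribute block."""
    out, pos = [], 0
    while pos < len(buf):
        flags = buf[pos]
        hdr = 4 if flags & EXT_LEN else 3   # flags + type + 1- or 2-byte length
        if len(buf) - pos < hdr:
            raise Malformed("truncated attribute header")
        atype = buf[pos + 1]
        if flags & EXT_LEN:
            (alen,) = struct.unpack_from("!H", buf, pos + 2)
        else:
            alen = buf[pos + 2]
        pos += hdr
        if alen > len(buf) - pos:           # length must fit in what is left
            raise Malformed(f"type {atype}: length {alen} overruns block")
        value = bytes(buf[pos:pos + alen])
        pos += alen
        if atype in KNOWN:                  # understood: validate the value
            if not KNOWN[atype](value):
                raise Malformed(f"type {atype}: bad value")
            action = "accept"
        elif not flags & OPTIONAL:          # unknown well-known attribute
            raise Malformed(f"type {atype}: unrecognised well-known")
        elif flags & TRANSITIVE:            # unknown: pass on, mark Partial
            flags |= PARTIAL
            action = "forward"
        else:                               # unknown non-transitive: drop it
            action = "discard"
        out.append((atype, action, flags, value))
    return out

# Constructed sample: ORIGIN, then two made-up unrecognised types 250 and 251
SAMPLE = bytes.fromhex("40010100" "c0fa02aabb" "80fb0100")
```
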