[129131] in North American Network Operators' Group
Re: Did your BGP crash today?
daemon@ATHENA.MIT.EDU (Jared Mauch)
Fri Aug 27 15:22:45 2010
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <20100827191324.GJ1946@gerbil.cluepon.net>
Date: Fri, 27 Aug 2010 15:19:28 -0400
To: Richard A Steenbergen <ras@e-gerbil.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Aug 27, 2010, at 3:13 PM, Richard A Steenbergen wrote:
> On Fri, Aug 27, 2010 at 01:29:15PM -0400, Jared Mauch wrote:
>>=20
>> Unknown BGP attribute 99 (flags: 240)
>> Unknown BGP attribute 99 (flags: 240)
>> Unknown BGP attribute 99 (flags: 240)
>> Unknown BGP attribute 99 (flags: 240)
>> Unknown BGP attribute 99 (flags: 240)
>=20
> Just out of curiosity, at what point will we as operators rise up=20
> against the ivory tower protocol designers at the IETF and demand that=20=
> they add a mechanism to not bring down the entire BGP session because =
of=20
> a single malformed attribute? Did I miss the memo about the meeting?=20=
> I'll bring the punch and pie.
I think it's actually an implementation problem where it got =
out-of-sync.
You can't exactly blame the IETF for a vendor having poor code quality.
(at least not in this case IMHO).
I seem to recall there was something like this in the past that caused
some significant problems with people also running XR/CRS-1. They =
quickly
got a fix and cisco issued a PSIRT as a result:
=
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af=
150f.shtml#summary
I would hope these people updated their software for that impact as =
well.
Without knowing what the defect impact was on those devices, and without =
talking to
PSIRT today, I don't know if an advisory is pending. Perhaps it's a new =
defect
and the bug is going to be triggered again soon for those that don't =
patch
their devices.
- jared=
