[129179] in North American Network Operators' Group
Re: Did your BGP crash today?
daemon@ATHENA.MIT.EDU (Claudio Jeker)
Sat Aug 28 08:10:38 2010
Date: Sat, 28 Aug 2010 14:10:30 +0200
From: Claudio Jeker <cjeker@diehard.n-r-g.com>
To: nanog@nanog.org
In-Reply-To: <4C78EE7B.6090309@consolejunkie.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sat, Aug 28, 2010 at 01:09:47PM +0200, Leen Besselink wrote:
> On 08/28/2010 11:39 AM, Saku Ytti wrote:
> > On (2010-08-28 18:20 +0900), Randy Bush wrote:
> >
> >
> >> a bgp regression suite would not have caught this as it was not a
> >> repeat. but it sure would be useful to implementors.
> >>
> > Naturally 'proving' that non-trivial software works is practically
> > impossible. But stating what non-existing test-suite would or would not
> > have covered is not a topic I'm particularly interested to engage.
> >
> >
> >
> I suggest the test-tool has 2 bgp-sessions and tests if what it put in
> did or did not come out on the otherside and in what shape or form.
>
> There are already atleast 2 projects which have BGP-code which could
> probably be adapted:
> http://code.google.com/p/exabgp/
> http://code.google.com/p/bgpsimple/
>
> Can I suggest a fuzzer as wel ?
>
>
There was once cert-bgp-testcases-28may03-final.tar.gz which did some
testing (including expected responses). I use it from time to time.
>From the README:
For more information see the NANOG 28 (http://www.nanog.org) presentation
...
"BGP Vulnerability Testing: Separating Fact from FUD"
by Sean Convery (sean@cisco.com) and Matthew Franz (mfranz@cisco.com)
But my quick googeling failed to locate a link to it.
--
:wq Claudio
