[129187] in North American Network Operators' Group
Re: Did your BGP crash today?
daemon@ATHENA.MIT.EDU (Raymond Dijkxhoorn)
Sat Aug 28 08:42:53 2010
Date: Sat, 28 Aug 2010 14:42:32 +0200 (CEST)
From: Raymond Dijkxhoorn <raymond@prolocation.net>
To: Florian Weimer <fw@deneb.enyo.de>
In-Reply-To: <87eidisz05.fsf@mid.deneb.enyo.de>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hi!
> Cisco posts their advisories to the NANOG list.
>> 'The vulnerability manifests itself when a BGP peer announces a prefix
>> with a specific, valid but unrecognized transitive attribute. On
>> receipt of this prefix, the Cisco IOS XR device will corrupt the
>> attribute before sending it to the neighboring devices. Neighboring
>> devices that receive this corrupted update may reset the BGP peering
>> session.'
> I'm not sure what you intend to say by quoting this part of the
> advisory. If you think that it's an IOS XR bug which only needs
> fixing in IOS XR, you're showing the very attitude which has stopped
> us from making the network more resilient to these types of events.
Its more a workaround then a bugfix ...
Dont try to write down what I might think. I am perfectly capable of
explaining this myselve. The narrow minded response you just did tells
more about you then about me. So far for the rant.
I think i am around long enough that you would not even consider thinking
that i would say 'hey this is a IOS XR BUG. Its not.' I didnt say this at
all. Did I?
If it affects a large part of traffic on the internet and it obviously
did. It took down a couple of the larger networks.
http://www.ams-ix.net/cgi-bin/stats/16all?log=totalall;png=daily
You can clearly see the drop there also.
I think a 'fix' 'bugfix' 'workaround' whatever you want to call it,
i still think its good they released it and fast. A more structural
approach is nice but wont help a lot of networks right now.
I am sorry i tried to add something to the thread. Think about this
Florian. We are not the bad guys.
Bye,
Raymond.
