[160652] in North American Network Operators' Group
RE: Level3 worldwide emergency upgrade?
daemon@ATHENA.MIT.EDU (Simon Allard)
Sun Feb 10 20:58:54 2013
From: Simon Allard <Simon.Allard@team.orcon.net.nz>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Mon, 11 Feb 2013 01:58:40 +0000
In-Reply-To: <BB7DB936357E7845B37BBCA97D0047E0AD9C82D6@NCTWINMBX01.office.orcon.net.nz>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Sorry, should rephrase.
The reason for the upgrade is PSN-2013-01-823 (PR 839412)
The reason for the BGP blackhole, is as you point out PR8361907
-----Original Message-----
From: Simon Allard [mailto:Simon.Allard@team.orcon.net.nz]=20
Sent: Monday, 11 February 2013 2:48 p.m.
To: Matthew Petach; Jonathan Towne
Cc: nanog@nanog.org
Subject: RE: Level3 worldwide emergency upgrade?
I think you might find its this issue.
PSN-2013-01-823
"Junos: Crafted TCP packet can lead to kernel crash"
-----Original Message-----
From: Matthew Petach [mailto:mpetach@netflight.com]
Sent: Thursday, 7 February 2013 7:23 a.m.
To: Jonathan Towne
Cc: nanog@nanog.org
Subject: Re: Level3 worldwide emergency upgrade?
On Wed, Feb 6, 2013 at 5:10 AM, Jonathan Towne <jtowne@slic.com> wrote:
> On Wed, Feb 06, 2013 at 07:57:06AM -0500, Alex Rubenstein scribbled:
> # The question should be more along the lines of, "why aren't you multiho=
med in a way that would make a 30 minute outage (which is inevitable) irrel=
evant to you?
>
> The fun part of this emergency maintenance in the northeast USA was=20
> that even folks who are multihomed felt it: Level3 managed to do this=20
> in a way that kept BGP sessions up but killed the ability to actually=20
> pass traffic. I'm not sure what they did that caused this, or whether=20
> anyone but northeast folks were affected by it, but it sure was neat=20
> to be effectively blackholed in and out of one of your provided circuits =
for a while.
I recommend you grab
http://kestrel3.netflight.com/2013.02.05-NANOG57-day2-afternoon-session.txt
and search for PR8361907
Richard did a very good lightning talk about why Juniper boxes will bring u=
p BGP but blackhole traffic for 30 minutes to over an hour, depending on nu=
mber of BGP sessions it is handling.
His recommendation--if you don't like it, go tell Juniper to fix that bug.
Matt
--
BEGIN-ANTISPAM-VOTING-LINKS
------------------------------------------------------
Teach Email Guard if this mail (ID 09IV6SM1n) is spam:
Spam: https://emailguard.orcon.net.nz/canit/b.php?i=3D09IV6SM1n&m=3D=
d5617dabf346&t=3D20130207&c=3Ds
Not spam: https://emailguard.orcon.net.nz/canit/b.php?i=3D09IV6SM1n&m=3D=
d5617dabf346&t=3D20130207&c=3Dn
Forget vote: https://emailguard.orcon.net.nz/canit/b.php?i=3D09IV6SM1n&m=3D=
d5617dabf346&t=3D20130207&c=3Df
------------------------------------------------------
END-ANTISPAM-VOTING-LINKS
--
BEGIN-ANTISPAM-VOTING-LINKS
------------------------------------------------------
Teach Email Guard if this mail (ID 08IWO9iX8) is spam:Spam: https://=
emailguard.orcon.net.nz/canit/b.php?i=3D08IWO9iX8&m=3De4a08b3bbde1&t=3D2013=
0211&c=3DsNot spam: https://emailguard.orcon.net.nz/canit/b.php?i=3D08IW=
O9iX8&m=3De4a08b3bbde1&t=3D20130211&c=3DnForget vote: https://emailguard.or=
con.net.nz/canit/b.php?i=3D08IWO9iX8&m=3De4a08b3bbde1&t=3D20130211&c=3Df
------------------------------------------------------
END-ANTISPAM-VOTING-LINKS
