[70226] in North American Network Operators' Group
Re: BGP Exploit
daemon@ATHENA.MIT.EDU (Patrick W.Gilmore)
Wed May 5 16:00:28 2004
In-Reply-To: <2D00AD0E4D36D411BD300008C786E42412B26576@denntex021.ad.qintra.com>
Cc: Patrick W.Gilmore <patrick@ianai.net>
From: Patrick W.Gilmore <patrick@ianai.net>
Date: Wed, 5 May 2004 14:47:54 -0400
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On May 5, 2004, at 2:39 PM, Smith, Donald wrote:
> No. The router stays up. The tool I use is very fast. It floods the
> GIGE
> to the point that that interface is basically unusable but the router
> itself stays up only the session is torn down. I did preformed these
> tests in a lab and did
> not have full bgp routing tables etc ... so your mileage may vary.
That is DAMNED impressive. I've never seen a router which can take a
Gigabit of traffic to its CPU and stay up. What kind of router was
this? You mentioned Juniper and Cisco before, but I know a cisco will
fall over long before a gigabit and a Juniper either does or drops
packets destined for the CPU (but keeps routing).
Perhaps it was rate limiting the # of packets which reached the CPU,
and the session stayed up because the "magic" packet was dropped in the
rate limiting?
--
TTFN,
patrick
