Did your BGP crash today?

Paul Ferguson fergdawgster at gmail.com
Fri Aug 27 19:08:01 CDT 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Aug 27, 2010 at 5:02 PM, Clay Fiske <clay at bloomcounty.org> wrote:

>
> On Aug 27, 2010, at 1:57 PM, Valdis.Kletnieks at vt.edu wrote:
>

>>
>> That works fine for malformed attributes.  It blows chunks for legally
>> formed but unknown attributes - how would you ever deploy a new
>> attribute?
>
> By making it optional. Seems to me that's pretty well covered by the Path
> Attributes section of the RFC.
>
> A bad attribute isn't simply unknown, it's malformed. My apologies for
> not wording that more precisely.
>
> I do see the wisdom of fine-grained control of this behavior. I'm just
> saying, it'd be nice if we could have correct behavior on the basics in
> the first place. :)
>

As an aside, I see that Cisco has released a late Friday afternoon security
advisory on this issue:

http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml

FYI,

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFMeFNZq1pz9mNUZTMRAkR9AJ9cTz71N5/RMaQFD6LsumKLhpfASACdHrBR
4uQ0+oes21gvTS5IVJZXMds=
=5wqD
-----END PGP SIGNATURE-----


-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/




More information about the NANOG mailing list