Did your BGP crash today?

Florian Weimer fw at deneb.enyo.de
Sat Aug 28 12:27:54 UTC 2010


* Raymond Dijkxhoorn:

> Not sure if the link was posted allready ...
>
> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml

Cisco posts their advisories to the NANOG list.

> 'The vulnerability manifests itself when a BGP peer announces a prefix
> with a specific, valid but unrecognized transitive attribute. On
> receipt of this prefix, the Cisco IOS XR device will corrupt the
> attribute before sending it to the neighboring devices. Neighboring
> devices that receive this corrupted update may reset the BGP peering
> session.'

I'm not sure what you intend to say by quoting this part of the
advisory.  If you think that it's an IOS XR bug which only needs
fixing in IOS XR, you're showing the very attitude which has stopped
us from making the network more resilient to these types of events.




More information about the NANOG mailing list