OpenBGPd problems relating to misuse of RESERVED bits in BGP Attribute Flags field
Michael Sinatra
michael at rancid.berkeley.edu
Thu Nov 29 17:34:34 UTC 2012
Hi Jeff (and NANOG)
This is one of our customers, and we're going to get it fixed (or worked
around) ASAP.
michael
On 11/29/12 12:44 AM, Jeff Wheeler wrote:
> I had two downstream BGP customers experience problem with an OpenBGPd bug
> tonight. Before diving into detail, I would like to link this mailing list
> thread, because this is not a new issue and a patch is available:
> http://www.mail-archive.com/[email protected]/msg115071.html
>
> For the following DFZ routes, I see wrong use of the fifth bit in the
> Attribute Flags field:
> Aggregator (7), length: 8, Flags [OT+8]: AS #68, origin
> 192.65.95.253
> 0x0000: 0000 0044 c041 5ffd
> Updated routes:
> 128.165.0.0/16
> 141.111.0.0/16
> 192.65.95.0/24
> 192.12.184.0/24
> 204.121.0.0/16
>
> According to RFC 4271 page 17, "the low-order four bits of the Attribute
> Flags octet are unused. They MUST be zero when sent and MUST be ignored
> when received." I read "ignored" to mean, don't tear down the BGP session
> and print a cryptic error that the user probably will be unable to debug.
> The OpenBGPd guys clearly agree and have supplied a patch, so affected
> users should visit the above mailing list link, and install it.
>
> Here are my notes for this RFC page and a small diagram of the packet
> header, because surprisingly, there isn't one in the RFC already
> http://inconcepts.biz/~jsw/img/1121129aa-rfc4271pg17scan.jpg Sorry about
> the poor quality of this, but it is past 3am here, and I know of several
> operators (besides my downstream customers) who are experiencing this
> problem right now.
>
> If I were someone who is broken by this right now, I would either patch my
> OpenBGPd or ask your eBGP neighbors not to send you the above five routes
> (filtering it on your own OpenBGPd router probably won't help.)
>
> Thanks, I hope this is helpful
>
More information about the NANOG
mailing list