Did your BGP crash today?

bmanning at vacation.karoshi.com bmanning at vacation.karoshi.com
Fri Aug 27 16:37:14 CDT 2010


	come on Chris,  is the Internet an experiment or not? :)
	one would think that a responsible party would have made
	efforts to let others in the "playground" know they were
	going to try something different that could have ramifications
	on an unkown distribution of some code bases.

	I'm not asking my vendor or (in the case of OSS) me to run
	"full bit sweeps"... but a heads up to some of the known
	ops lists would have been not only welcome but expected.

	as usual, YMMV

--bill


On Fri, Aug 27, 2010 at 04:11:32PM -0400, Christopher Morrow wrote:
> On Fri, Aug 27, 2010 at 4:07 PM, Mike Gatti <ekim.ittag at gmail.com> wrote:
> > where's the change management process in all of this.
> > basically now we are going to starting changing things that can
> > potentially have an adverse affect on users without letting anyone know
> > before hand .... Interesting concept.
> 
> you are running bgp, you are connected to the 'internet'... congrats
> you are part of the experiment.
> 
> I suppose one view is that "at least it wasn't someone with ill
> intent, or a misconfigured mikrotek!"
> 
> (you are asking your vendors to run full bit sweeps of each protocol
> in a regimented manner checking for all possible edge cases and
> properly handling them, right?)
> 
> -chris
> 
> > On Aug 27, 2010, at 3:33 PM, Dave Israel wrote:
> >
> >>
> >> On 8/27/2010 3:22 PM, Jared Mauch wrote:
> >>> When you are processing something, it's sometimes hard to tell if something
> >>> just was mis-parsed (as I think the case is here with the "missing-2-bytes")
> >>> vs just getting garbage.  Perhaps there should be some way to "re-sync" when
> >>> you are having this problem, or a parallel "keepalive" path similar to
> >>> MACA/MCAS/MIDCAS/TCAS between the devices to talk when something bad is
> >>> happening.
> >>
> >> I know it wasn't there originally, and isn't mandatory now, but there is
> >> an MD5 hash that can be added to the packet.  If the TCP hash checks
> >> out, then you know the packet wasn't garbled, and just contained
> >> information you didn't grok.  That seems like enough evidence to be able
> >> to shrug and toss the packet without dropping the session.
> >>
> >> -Dave
> >>
> >>
> >>
> >
> > =+=+=+=+=+=+=+=+=+=+=+=+=
> > Mike Gatti
> > ekim.ittag at gmail.com
> > =+=+=+=+=+=+=+=+=+=+=+=+=
> >
> >
> >
> >
> >
> 




More information about the NANOG mailing list