Did your BGP crash today?

Warren Kumari warren at kumari.net
Fri Aug 27 22:20:01 UTC 2010

On Aug 27, 2010, at 5:37 PM, bmanning at vacation.karoshi.com wrote:

> 	come on Chris,  is the Internet an experiment or not? :)
> 	one would think that a responsible party would have made
> 	efforts to let others in the "playground" know they were
> 	going to try something different that could have ramifications
> 	on an unkown distribution of some code bases.

I'm assuming that they weren't really expecting this to cause  
issues... Where does one draw the line? I'm planning on announcing  
x.y.z.0/20 later in the week -- x, y and z are all prime and the sum  
of all 3 is also a prime. There is a non-zero chance that something  
somewhere will go flooie, shall I send mail now or later?

Also, I would prefer that this gets discovered and dealt with (in this  
case by stopping the announcement :-)) than having folk not willing to  
try things and ending up with a weaponized version...


> 	I'm not asking my vendor or (in the case of OSS) me to run
> 	"full bit sweeps"... but a heads up to some of the known
> 	ops lists would have been not only welcome but expected.
> 	as usual, YMMV
> --bill
> On Fri, Aug 27, 2010 at 04:11:32PM -0400, Christopher Morrow wrote:
>> On Fri, Aug 27, 2010 at 4:07 PM, Mike Gatti <ekim.ittag at gmail.com>  
>> wrote:
>>> where's the change management process in all of this.
>>> basically now we are going to starting changing things that can
>>> potentially have an adverse affect on users without letting anyone  
>>> know
>>> before hand .... Interesting concept.
>> you are running bgp, you are connected to the 'internet'... congrats
>> you are part of the experiment.
>> I suppose one view is that "at least it wasn't someone with ill
>> intent, or a misconfigured mikrotek!"
>> (you are asking your vendors to run full bit sweeps of each protocol
>> in a regimented manner checking for all possible edge cases and
>> properly handling them, right?)
>> -chris
>>> On Aug 27, 2010, at 3:33 PM, Dave Israel wrote:
>>>> On 8/27/2010 3:22 PM, Jared Mauch wrote:
>>>>> When you are processing something, it's sometimes hard to tell  
>>>>> if something
>>>>> just was mis-parsed (as I think the case is here with the  
>>>>> "missing-2-bytes")
>>>>> vs just getting garbage.  Perhaps there should be some way to  
>>>>> "re-sync" when
>>>>> you are having this problem, or a parallel "keepalive" path  
>>>>> similar to
>>>>> MACA/MCAS/MIDCAS/TCAS between the devices to talk when something  
>>>>> bad is
>>>>> happening.
>>>> I know it wasn't there originally, and isn't mandatory now, but  
>>>> there is
>>>> an MD5 hash that can be added to the packet.  If the TCP hash  
>>>> checks
>>>> out, then you know the packet wasn't garbled, and just contained
>>>> information you didn't grok.  That seems like enough evidence to  
>>>> be able
>>>> to shrug and toss the packet without dropping the session.
>>>> -Dave
>>> =+=+=+=+=+=+=+=+=+=+=+=+=
>>> Mike Gatti
>>> ekim.ittag at gmail.com
>>> =+=+=+=+=+=+=+=+=+=+=+=+=

What our ancestors would really be thinking, if they were alive today,  
is: "Why is it so dark in here?"

     -- (Terry Pratchett, Pyramids)

More information about the NANOG mailing list