Did your BGP crash today?
Paul Ferguson
fergdawgster at gmail.com
Sat Aug 28 00:08:01 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, Aug 27, 2010 at 5:02 PM, Clay Fiske <clay at bloomcounty.org> wrote:
>
> On Aug 27, 2010, at 1:57 PM, Valdis.Kletnieks at vt.edu wrote:
>
>>
>> That works fine for malformed attributes. It blows chunks for legally
>> formed but unknown attributes - how would you ever deploy a new
>> attribute?
>
> By making it optional. Seems to me that's pretty well covered by the Path
> Attributes section of the RFC.
>
> A bad attribute isn't simply unknown, it's malformed. My apologies for
> not wording that more precisely.
>
> I do see the wisdom of fine-grained control of this behavior. I'm just
> saying, it'd be nice if we could have correct behavior on the basics in
> the first place. :)
>
As an aside, I see that Cisco has released a late Friday afternoon security
advisory on this issue:
http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml
FYI,
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFMeFNZq1pz9mNUZTMRAkR9AJ9cTz71N5/RMaQFD6LsumKLhpfASACdHrBR
4uQ0+oes21gvTS5IVJZXMds=
=5wqD
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the NANOG
mailing list