Did your BGP crash today?

Thomas Mangin thomas.mangin at exa-networks.co.uk
Sat Aug 28 07:51:17 CDT 2010


We had ASN4, AS-PATH and this one. More or less we hit this session reset problem once a year but nothing was done yet to change the RFC.

So I am to blame as much as every network engineer to not have pushed for a change or at least a comprehensive explanation on the session teardown behaviour is like it is and should not be changed.

It is only our fault for not having dealt with the problem the first time correctly, and will be next time if nothing is changed once more.

I agree correctly framed invalid packet should be discarded without tearing the session down.
---
from my iPhone

On 28 Aug 2010, at 14:27, Florian Weimer <fw at deneb.enyo.de> wrote:

> * Raymond Dijkxhoorn:
> 
>> Not sure if the link was posted allready ...
>> 
>> http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml
> 
> Cisco posts their advisories to the NANOG list.
> 
>> 'The vulnerability manifests itself when a BGP peer announces a prefix
>> with a specific, valid but unrecognized transitive attribute. On
>> receipt of this prefix, the Cisco IOS XR device will corrupt the
>> attribute before sending it to the neighboring devices. Neighboring
>> devices that receive this corrupted update may reset the BGP peering
>> session.'
> 
> I'm not sure what you intend to say by quoting this part of the
> advisory.  If you think that it's an IOS XR bug which only needs
> fixing in IOS XR, you're showing the very attitude which has stopped
> us from making the network more resilient to these types of events.
> 




More information about the NANOG mailing list