OpenBGPd problems relating to misuse of RESERVED bits in BGP Attribute Flags field
Jeff Wheeler
jsw at inconcepts.biz
Thu Nov 29 08:44:32 UTC 2012
I had two downstream BGP customers experience problem with an OpenBGPd bug
tonight. Before diving into detail, I would like to link this mailing list
thread, because this is not a new issue and a patch is available:
http://www.mail-archive.com/[email protected]/msg115071.html
For the following DFZ routes, I see wrong use of the fifth bit in the
Attribute Flags field:
Aggregator (7), length: 8, Flags [OT+8]: AS #68, origin
192.65.95.253
0x0000: 0000 0044 c041 5ffd
Updated routes:
128.165.0.0/16
141.111.0.0/16
192.65.95.0/24
192.12.184.0/24
204.121.0.0/16
According to RFC 4271 page 17, "the low-order four bits of the Attribute
Flags octet are unused. They MUST be zero when sent and MUST be ignored
when received." I read "ignored" to mean, don't tear down the BGP session
and print a cryptic error that the user probably will be unable to debug.
The OpenBGPd guys clearly agree and have supplied a patch, so affected
users should visit the above mailing list link, and install it.
Here are my notes for this RFC page and a small diagram of the packet
header, because surprisingly, there isn't one in the RFC already
http://inconcepts.biz/~jsw/img/1121129aa-rfc4271pg17scan.jpg Sorry about
the poor quality of this, but it is past 3am here, and I know of several
operators (besides my downstream customers) who are experiencing this
problem right now.
If I were someone who is broken by this right now, I would either patch my
OpenBGPd or ask your eBGP neighbors not to send you the above five routes
(filtering it on your own OpenBGPd router probably won't help.)
Thanks, I hope this is helpful
--
Jeff S Wheeler <jsw at inconcepts.biz>
Sr Network Operator / Innovative Network Concepts
More information about the NANOG
mailing list