|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: That pesky AS path corruption bug...
When you say the router crashes I assume you are talking the whole box crashing and not just the BGP session. As I understand the current spec, a router, upon receiving a malformed as_path is supposed to respond with a notification message (3.11) and drop the BGP connection. Your suggestion to maintain the connection and drop the announcement is a practical one, but doesn't put as much pressure on vendors to fix the bug. pete On Tue, May 23, 2000 at 12:40:00PM -0400, Blaine Christian wrote: > > Hello all, > > After observing a recent issue regarding a router that sent corrupted AS > path (all names are witheld to protect the guilty). I took a look at the > path information that was being received and have a possible solution. > Since the corrupted AS-path does not include the AS that the route is > coming from (at least in the corruption that I saw) it seems to me that a > simple solution for all is to filter on AS i.e. only allow routes that > have the AS of your EBGP neighbor prepended to them. I realize this does > not cover all cases of wacky AS corruption problems but it may fix some of > them. I would suggest that those of you running mixed vendor EBGP (again > names witheld) should implement a version of this strategy for your own > self protection. It can certainly be implemented as part of an overall > customer access functionality. This may be obvious to some of you but I > do not believe that everyone is at this level yet. > > Of course the tirade part of this email is for all vendors involved in > this travesty. If you do not understand or dislike a route that you have > received don't just CRASH. Anyone ever thought of checking the route and > throwing it out with an error message if you don't like it? I, of course, > have heard and seen that several vendors have fixed this in the more > recent releases. This type of bug is something that everyone who writes > software has to deal with. If you raise an exception for bad input it is > bad form to crash or reset your application. > > BTW, I am sure all have heard this argument before. I just wanted to get > this topic renewed. > > Regards, > > Blaine > >
|