[quagga-dev 8183] Re: request for testing

Ingo Flaschberger if at xip.at
Thu Aug 26 00:03:39 BST 2010


Hi,

> I guess the situation I am trying to avoid (and perhaps this is not the bug) 
> is given 5 ASNs 1,2,3,4 and 666.  ASN4 is running quagga multihomed to ASN 
> 1,2,3 and getting full views.
>
> Lets say 666 injects bad information into the global routing table... Its 
> peers pass along the giant AS path, or whatever the bad payload is.  ASN 
> 1,2,3 all get the bad path and pass it along to ASN 4.    ASN4 is now offline 
> as all of its peers have been reset.  This almost happened to me as 2 of 3 of 
> my transit peers were running a version that got caught by a similar bug and 
> nearly knocked me off line a year or so ago. In that case, yes, bgpd crashed. 
> However, the impact if the sessions with my upstreams just die, is the same.

I remember one vendor, that accept the bogus, send the bogus to the next 
downstream peer and then close the session to the upstream peer.
That really waived through the internet (severall times).

I also have the opinion,
that a router should accept as much as possible but be restrict was to 
send out.

Kind regards,
 	Ingo Flaschberger




More information about the Quagga-dev mailing list