[quagga-dev 8185] Re: request for testing

Florian Weimer fweimer at bfk.de
Thu Aug 26 08:20:46 BST 2010


* Nick Hilliard:

> On 25/08/2010 23:12, Chris Hall wrote:
>> I'm not sure how to distinguish between a broken peer and a peer which is
>> passing on a mixture of broken stuff and valid stuff.
>
> The problem we're encountering here is that RFC 4271 specifies:
>
> "If a connection encounters an error condition, a NOTIFICATION message is
> sent and the connection is closed."
>
> Section 3, top of page 9.  Further blather is available in section 6.3
> (page 32).
>
> I would hazard a guess that the point of session teardown in the case of
> errors like this is to help ensure state consistency.

Yes, but that's not a valid reason.  A teared-down session is an
unstable state, too.  The system will automatically transit out of it.
Session teardown as a fail-safe mechanism does not work.

I've written this before, but we really need to think about the
different services BGP provides.  At the BGP framing layer, protocol
errors should result in session teardown because there is no other
choice.  But you shouldn't reset a session because you receive an
attribute you cannot parse because that's a couple of protocol layers
up and likely not the fault of the peer you are punishing through
tear-down.  If we did that for Internet mail, we would cease to accept
all mail from another server for some time, just because some message
it relayed had got a malformed Date: header.

-- 
Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99



More information about the Quagga-dev mailing list