IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt

Jeff Wheeler <jsw@inconcepts.biz> Mon, 10 December 2012 02:25 UTC

Return-Path: <jsw@inconcepts.biz>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B67E121F8DB7 for <idr@ietfa.amsl.com>; Sun, 9 Dec 2012 18:25:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.652
X-Spam-Level:
X-Spam-Status: No, score=-2.652 tagged_above=-999 required=5 tests=[AWL=0.325, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ubaZemTghoOZ for <idr@ietfa.amsl.com>; Sun, 9 Dec 2012 18:25:53 -0800 (PST)
Received: from mail-ie0-f172.google.com (mail-ie0-f172.google.com [209.85.223.172]) by ietfa.amsl.com (Postfix) with ESMTP id BFF5E21F8DB6 for <idr@ietf.org>; Sun, 9 Dec 2012 18:25:53 -0800 (PST)
Received: by mail-ie0-f172.google.com with SMTP id c13so7921971ieb.31 for <idr@ietf.org>; Sun, 09 Dec 2012 18:25:53 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=i/BQG5ukIJAtekpRPXElzvWXQghzxktLGo0o+BhMeJw=; b=f72fo6ocbO7RXYz+3T27Jsxnl69bWZjYDnohoGQJDqxiEb3TDSPa9bQ60lvgkGsTaP BS3fH0e7rlLn9eF4LUsnynLPmygtbgI7/pWpX7c4d82X9dJZjYK94S3lbMd8toxPJVIy i49mpBoc8jg71U8IdEZDr4Var75SLjGPRFbfvjWY4sBozPeh0qQ0PIjKDkDtWVtdMgWJ KVw+2DFINeizh1tCZ124otyYEywsQ5+dcuTPY6tZYrnwLpM0GF1BX4OjpYUtYHJgHWwZ gvWRLaxzUGImvSm57L6b0DTjktosWKljvo5j871CY5CSPuaB1xtAFf1l4GIi102tyIkt DSzw==
MIME-Version: 1.0
Received: by 10.42.180.65 with SMTP id bt1mr9891960icb.41.1355106353342; Sun, 09 Dec 2012 18:25:53 -0800 (PST)
Received: by 10.64.132.33 with HTTP; Sun, 9 Dec 2012 18:25:53 -0800 (PST)
X-Originating-IP: [74.134.22.105]
In-Reply-To: <07e901cdd667$31c593e0$9550bba0$@highwayman.com>
References: <20121121191321.6164.6887.idtracker@ietfa.amsl.com> <50AD2986.90705@cisco.com> <058b01cdd3b4$9f5193b0$ddf4bb10$@highwayman.com> <8ED5B0B0F5B4854A912480C1521F973A0F4940@xmb-rcd-x13.cisco.com> <94913EE5-2864-4EE2-B474-9631430B1E22@ericsson.com> <068701cdd478$2cf01cf0$86d056d0$@highwayman.com> <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com> <CAH1iCipfup-GEeJduBti_KHvX1pUZfmZLA3Zz5Y9Aw9xV3fQ9w@mail.gmail.com> <07e901cdd667$31c593e0$9550bba0$@highwayman.com>
Date: Sun, 09 Dec 2012 21:25:53 -0500
Message-ID: <CAPWAtbJ4WqoyrzE87v-7hJpp_=fL=B-LevdSe9Q-_m8FLYdFZw@mail.gmail.com>
From: Jeff Wheeler <jsw@inconcepts.biz>
To: Chris Hall <chris.hall@highwayman.com>
Content-Type: text/plain; charset="ISO-8859-1"
X-Gm-Message-State: ALoCoQnYBmoN0y7s9Dq71x1WGR0WMkegf4AVGYlJIv9BXCy9HwUJMgDjmv6pLqvJWdJf0ltzOTK3
Cc: idr@ietf.org
Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2012 02:25:54 -0000

On Sun, Dec 9, 2012 at 6:44 PM, Chris Hall <chris.hall@highwayman.com> wrote:
> end.  However, forming these attributes is very simple, well
> exercised, and easily tested code.  It seems to me that this sort of
> anomaly is more likely to be symptomatic of a framing issue than it is
> to be a well-formed attribute which the sender has, for reasons
> unknown, decided to send with unexpected Flags and/or Length.

Here is an example from two weeks ago of some routes injected to the
DFZ with malformed attribute flags.  The result was that everyone
running OpenBGPd more than a few months old, and some networks with
Alcatel routers, and who knows what else, had their BGP sessions
resetting endlessly.
http://mailman.nanog.org/pipermail/nanog/2012-November/053754.html

BGP continues to be extended for purposes it was not intended to
serve.  MBGP is really terrible, and I am sure we all know that.
Capabilities have some caveats.  Secure BGP is genuinely scary.  Soon,
BGP will be used for MAC learning in datacenter and WAN networks.

Sadly there is no improved, more robust BGP, with better sanity checks
and/or more flexibility when handling faulty messages or buggy
software.  BGP must become more robust because people continue to
extend its use with more code, and more bugs.

On Sun, Dec 9, 2012 at 6:46 PM, Rob Shakir <rjs@rob.sh> wrote:
> It strikes me that your analysis is aiming to ensure 100% consistency at the device level - which I think is something that we have to accept is incompatible with overall network system robustness.

I agree.  I hope vendors will think hard about what default
configurations they ship, but giving operators some knobs may save
them a lot of money and stress when things go bad at 2am and they have
got to find a work-around to their problem until their vendor TAC or
in-house experts can find out what is wrong.

BGP is mission-critical for everyone.  If it stops working, you start
losing money, instantly.  The BGP protocol is the single point of
failure that we all live with.  Increasing its robustness is highly
important.  It should be done with the goal of allowing operators,
without much knowledge, to potentially work around problems until they
can actually be solved.  This should be true whether malformed updates
are the result of wrong flags, length/type errors, or ascii-art
unicorns dancing in RPKI signatures.

-- 
Jeff S Wheeler <jsw@inconcepts.biz>
Sr Network Operator  /  Innovative Network Concepts

v2.23.0 | Report a Bug | By Email