IETF Logo Mail Archive

Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt

<bruno.decraene@orange.com> Mon, 10 December 2012 09:50 UTC

Return-Path: <bruno.decraene@orange.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65D9221F8E47 for <idr@ietfa.amsl.com>; Mon, 10 Dec 2012 01:50:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.288
X-Spam-Level:
X-Spam-Status: No, score=-2.288 tagged_above=-999 required=5 tests=[AWL=0.310, BAYES_00=-2.599, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ApYB4RUu6QDD for <idr@ietfa.amsl.com>; Mon, 10 Dec 2012 01:50:31 -0800 (PST)
Received: from relais-inet.francetelecom.com (relais-ias92.francetelecom.com [193.251.215.92]) by ietfa.amsl.com (Postfix) with ESMTP id 423FB21F8E45 for <idr@ietf.org>; Mon, 10 Dec 2012 01:50:31 -0800 (PST)
Received: from omfedm05.si.francetelecom.fr (unknown [xx.xx.xx.1]) by omfedm12.si.francetelecom.fr (ESMTP service) with ESMTP id 8A94818C302; Mon, 10 Dec 2012 10:50:30 +0100 (CET)
Received: from Exchangemail-eme1.itn.ftgroup (unknown [10.114.1.186]) by omfedm05.si.francetelecom.fr (ESMTP service) with ESMTP id 6BCAA35C045; Mon, 10 Dec 2012 10:50:30 +0100 (CET)
Received: from PEXCVZYM11.corporate.adroot.infra.ftgroup ([fe80::a441:e6a9:6143:6f0f]) by PEXCVZYH01.corporate.adroot.infra.ftgroup ([::1]) with mapi id 14.02.0318.004; Mon, 10 Dec 2012 10:50:30 +0100
From: bruno.decraene@orange.com
To: Jeff Wheeler <jsw@inconcepts.biz>, Chris Hall <chris.hall@highwayman.com>
Thread-Topic: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
Thread-Index: AQHN1MWZeU4CoZjya0yWTAtLlzW0N5gN5nqAgAMtk4CAACz+gIAAiPOA
Date: Mon, 10 Dec 2012 09:50:29 +0000
Message-ID: <15157_1355133030_50C5B066_15157_708_1_53C29892C857584299CBF5D05346208A1161FF@PEXCVZYM11.corporate.adroot.infra.ftgroup>
References: <20121121191321.6164.6887.idtracker@ietfa.amsl.com> <50AD2986.90705@cisco.com> <058b01cdd3b4$9f5193b0$ddf4bb10$@highwayman.com> <8ED5B0B0F5B4854A912480C1521F973A0F4940@xmb-rcd-x13.cisco.com> <94913EE5-2864-4EE2-B474-9631430B1E22@ericsson.com> <068701cdd478$2cf01cf0$86d056d0$@highwayman.com> <CAEGVVtBy-zdLz8hVajLnuAqgzfgQHrseK4r-N9=pOZGtqV7LbA@mail.gmail.com> <CAH1iCipfup-GEeJduBti_KHvX1pUZfmZLA3Zz5Y9Aw9xV3fQ9w@mail.gmail.com> <07e901cdd667$31c593e0$9550bba0$@highwayman.com> <CAPWAtbJ4WqoyrzE87v-7hJpp_=fL=B-LevdSe9Q-_m8FLYdFZw@mail.gmail.com>
In-Reply-To: <CAPWAtbJ4WqoyrzE87v-7hJpp_=fL=B-LevdSe9Q-_m8FLYdFZw@mail.gmail.com>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.197.38.2]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2012.10.24.110314
Cc: "idr@ietf.org" <idr@ietf.org>
Subject: Re: [Idr] I-D Action: draft-ietf-idr-error-handling-03.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2012 09:50:32 -0000

>From: idr-bounces@ietf.org [mailto:idr-bounces@ietf.org] On Behalf Of Jeff
>Wheeler
>
>On Sun, Dec 9, 2012 at 6:44 PM, Chris Hall <chris.hall@highwayman.com> wrote:
>> end.  However, forming these attributes is very simple, well
>> exercised, and easily tested code.  It seems to me that this sort of
>> anomaly is more likely to be symptomatic of a framing issue than it is
>> to be a well-formed attribute which the sender has, for reasons
>> unknown, decided to send with unexpected Flags and/or Length.
>
>Here is an example from two weeks ago of some routes injected to the
>DFZ with malformed attribute flags.  The result was that everyone
>running OpenBGPd more than a few months old, and some networks with
>Alcatel routers, and who knows what else, had their BGP sessions
>resetting endlessly.
>http://mailman.nanog.org/pipermail/nanog/2012-November/053754.html

In that specific case, it was not a BGP protocol error, but a bug in the router receiving the UPDATE. i.e. draft-ietf-idr-error-handling would not change this.
However, this is an example that error in flags, including in well known attributes, may happen.

And in general, I agree with Jeff & Rob: BGP is mission critical to networks. Shutting it down for a wrong flag/bit should not be the first option.

>
>BGP continues to be extended for purposes it was not intended to
>serve.  MBGP is really terrible, and I am sure we all know that.
>Capabilities have some caveats.  Secure BGP is genuinely scary.  Soon,
>BGP will be used for MAC learning in datacenter and WAN networks.
>
>Sadly there is no improved, more robust BGP, with better sanity checks
>and/or more flexibility when handling faulty messages or buggy
>software.  BGP must become more robust because people continue to
>extend its use with more code, and more bugs.
>
>On Sun, Dec 9, 2012 at 6:46 PM, Rob Shakir <rjs@rob.sh> wrote:
>> It strikes me that your analysis is aiming to ensure 100% consistency at the
>device level - which I think is something that we have to accept is
>incompatible with overall network system robustness.
>
>I agree.  I hope vendors will think hard about what default
>configurations they ship, but giving operators some knobs may save
>them a lot of money and stress when things go bad at 2am and they have
>got to find a work-around to their problem until their vendor TAC or
>in-house experts can find out what is wrong.
>
>BGP is mission-critical for everyone.  If it stops working, you start
>losing money, instantly.  The BGP protocol is the single point of
>failure that we all live with.  Increasing its robustness is highly
>important.  It should be done with the goal of allowing operators,
>without much knowledge, to potentially work around problems until they
>can actually be solved.  This should be true whether malformed updates
>are the result of wrong flags, length/type errors, or ascii-art
>unicorns dancing in RPKI signatures.
>
>--
>Jeff S Wheeler <jsw@inconcepts.biz>
>Sr Network Operator  /  Innovative Network Concepts
>_______________________________________________
>Idr mailing list
>Idr@ietf.org
>https://www.ietf.org/mailman/listinfo/idr

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
France Telecom - Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, France Telecom - Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

v2.23.0 | Report a Bug | By Email