Mailing List Archive

On Sat, Sep 30, 2017 at 5:45 PM, William Herrin <bill@herrin.us> wrote:

> While we wait for the patch to be rolled out, the myriad distros to
> release it and then wait for a decade's worth of Quagga users to update
> their software, is there anything I can do to discard the malformed
> advertisement with the stupidly long AS path when I _receive_ it instead of
> flapping the BGP session every 30 seconds?
>

Howdy,

It was pointed out to me in another forum:
https://tools.ietf.org/html/rfc7606#section-7.2

"An AS_PATH is considered malformed if [...]

There is an overrun where the Path Segment Length field of the last segment
encountered would cause the Attribute Length to be exceeded.

[...]

An UPDATE message with a malformed AS_PATH attribute SHALL be handled using
the approach of "treat-as-withdraw"."

Any chance of getting a patch to Quagga that makes it comply? I tried
editing bgp_attr.c to:

if (attr_endp > endp)
{
zlog (peer->log, LOG_WARNING,
"%s: BGP type %d length %d is too large, attribute total
length is %d. attr_endp is %p. endp is %p", peer->host, type, length,
size, attr_endp, endp);
if (type==2) { /* bad AS path, log and move on. */
zlog (peer->log, LOG_WARNING,
"%s: BGP Attribute %s, parse error - treating as
withdrawal",
peer->host,
LOOKUP (attr_str, type));
return BGP_ATTR_PARSE_WITHDRAW;
}
bgp_notify_send (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
return BGP_ATTR_PARSE_ERROR;
}

But that didn't get the job done so I guess there's more to it than that.

Regards,
Bill Herrin


--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

Ehh guys

Nobody will help You there quagga is dead now... seriously

Go to frr - upgradeto frr  - and problem solved - config is compatible -
but developers are not lazy :)



W dniu 2017-10-01 o 01:17, William Herrin pisze:
> On Sat, Sep 30, 2017 at 5:45 PM, William Herrin <bill@herrin.us
> <mailto:bill@herrin.us>> wrote:
>
> While we wait for the patch to be rolled out, the myriad distros
> to release it and then wait for a decade's worth of Quagga users
> to update their software, is there anything I can do to discard
> the malformed advertisement with the stupidly long AS path when I
> _receive_ it instead of flapping the BGP session every 30 seconds?
>
>
> Howdy,
>
> It was pointed out to me in another forum:
> https://tools.ietf.org/html/rfc7606#section-7.2
>
> "An AS_PATH is considered malformed if [...]
>
> There is an overrun where the Path Segment Length field of the last
> segment encountered would cause the Attribute Length to be exceeded.
>
> [...]
>
> An UPDATE message with a malformed AS_PATH attribute SHALL be handled
> using the approach of "treat-as-withdraw"."
>
> Any chance of getting a patch to Quagga that makes it comply? I tried
> editing bgp_attr.c to:
>
>       if (attr_endp > endp)
>         {
>           zlog (peer->log, LOG_WARNING,
>                 "%s: BGP type %d length %d is too large, attribute
> total length is %d.  attr_endp is %p.  endp is %p", peer->host, type,
> length, size, attr_endp, endp);
>           if (type==2) { /* bad AS path, log and move on. */
>             zlog (peer->log, LOG_WARNING,
>                 "%s: BGP Attribute %s, parse error - treating as
> withdrawal",
>                 peer->host,
>                 LOOKUP (attr_str, type));
>             return BGP_ATTR_PARSE_WITHDRAW;
>           }
>           bgp_notify_send (peer,
>                            BGP_NOTIFY_UPDATE_ERR,
> BGP_NOTIFY_UPDATE_ATTR_LENG_ERR);
>           return BGP_ATTR_PARSE_ERROR;
>         }
>
> But that didn't get the job done so I guess there's more to it than that.
>
> Regards,
> Bill Herrin
>
>
> --
> William Herrin ................ herrin@dirtside.com
> <mailto:herrin@dirtside.com> bill@herrin.us <mailto:bill@herrin.us>
> Dirtside Systems ......... Web: <http://www.dirtside.com/>
>
>
> _______________________________________________
> Quagga-users mailing list
> Quagga-users@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-users