[f-nsp] Limitation in number of bgp-communities leads to closure of bgp-session - possible bug?

Gunther Stammwitz gstammw at gmx.net
Wed Oct 4 12:16:48 EDT 2006 

Hello colleages,

I'm running software version 07.8.01dT53 on some jet core and iron core
modules and it looks like there is a problem with the bgp-code. The number
of allowed bgp-communities one can is limited to 6 or something.

When one receives routes from neighbors with more than six communities
attached the bgp-sessions get closed. The reported error is: Peer x.x.x.x
DOWN (Attribute Flags Error)

show ip bgp nei x.x.x.x
1   IP Address: x.x.x.x, AS: 12345 (IBGP), RouterID: x.x.x.x
       Description: CORE1-Loopback
    State: OPEN_SENT, Time: 0h0m40s, KeepAliveTime: 20, HoldTime: 60
       Multihop-EBGP: yes, ttl: 1
       UpdateSource: Loopback 1
       SendCommunity: yes
       NextHopSelf: yes
       MaximumPrefixLimit: 230000
       SoftInboundReconfiguration: yes
       RefreshCapability: Received
    Messages:    Open    Update  KeepAlive Notification Refresh-Req
       Sent    : 74      2655695 6346      52           0          
       Received: 34      4290929 11825     2            0          
    Last Connection Reset Reason:Attribute Flags Error
    Notification Sent:     Finite State Machine Error
    Notification Received: Update Message Error/Attribute Length Error
    Neighbor NLRI Negotiation:
      Peer Negotiated unicast capability
    TCP Connection state: ESTABLISHED
       Byte Sent:   45, Received: 64
       Local host:  x.x.x.2, Local  Port: 8026
       Remote host: x.x.x.1, Remote Port: 179
       ISentSeq: 3314228131  SendNext: 3314228177  TotUnAck:          0
       TotSent:          46  ReTrans:           0  UnAckSeq: 3314228177
       IRcvSeq:  1697078447  RcvNext:  1697078512  SendWnd:       65000
       TotalRcv:         65  DupliRcv:          0  RcvWnd:        16384
       SendQue:           0  RcvQue:            0  CngstWnd:       3971


Example of "evil" prefix:
1       Prefix: 8.9.36.0/24,  Status: BE,  Age: 7d6h43m23s
         NEXT_HOP: x.x.x.x,  Learned from Peer: x.x.x.x (34088)
          LOCAL_PREF: 230,  MED: none,  ORIGIN: igp,  Weight: 0
           AS_PATH: 34088 3356 20473
            COMMUNITIES: 3356:3 3356:100 3356:123 3356:575 3356:2001
34088:44049 34088:44103 34088:46062 21501:40202 
            Adj_RIB_out count: 4,  Admin distance 20


As one can see there are nine communities attached to this route.

To me this looks like a serious bug since one could spread a route with a
lot of communities throughout the internet and - if the communities don't
get overwritten by the transit-isps - could cause a reset of bgp-sessions to
foundry routers.


Can anyone CONFIRM this behavior or is my problem located somewhere else?

Gunther

More information about the foundry-nsp mailing list