[f-nsp] Netiron AS4 capabilities
Jörg Kost
jk at ip-clear.de
Thu Jun 29 17:27:42 EDT 2023
Bottom line: Vote with your wallet, buy some Extreme ;-)
In your dump e.g. there is an empty AS-Path with length 0 and then Extended-Length is set anyway.
I think that the spontaneously flag setting, will cause problems for other vendors too.
Path Attribute - AS_PATH: empty
Flags: 0x50, Transitive, Extended-Length, Well-known, Complete
0... .... = Optional: Not set
.1.. .... = Transitive: Set
..0. .... = Partial: Not set
...1 .... = Extended-Length: Set
.... 0000 = Unused: 0x0
Type Code: AS_PATH (2)
Length: 0
On 29 Jun 2023, at 23:13, Bogdan Rotariu wrote:
> Yes Netiron is a real stable software, we have plenty Brocades in use and except the ones that got many sessions and occasionally have memory issues, we never had any issues. Unfortunately I cannot convince Mikrotik that they have a bug and till now I cannot see anyone else on the forum or on their discord server that are affected by this
> issue and more unfortunately I got my hands on devices I cannot use :-)
>
>> On 30 Jun 2023, at 00:03, Jörg Kost <jk at ip-clear.de> wrote:
>>
>> By the way, it is also wrongly set in the BGP message for the community attribute, which must be a bug in Mtick.
>>
>> NetIron BGP code is quite stable, I've never had any problems with it in 10 years. The parser has to be careful when validating the attributes, it's all C code, nobody needs a buffer overflow on their BGP router ;-)
>>
>> On 29 Jun 2023, at 20:28, Jörg Kost wrote:
>>
>>> Oh thank you, well, I'll throw that naively into the room,
>>> the extended length flag for the AGGREGATOR must not be set at all, as the length is fixed at = 8.
>>> Anyone else have an opinion on this? That looks like an error in the Mikrotik code to me.
>>>
>>> There was a similar bug with Bird:
>>> https://bird.network.cz/pipermail/bird-users/2021-March/015312.html
>>>
>>> On 29 Jun 2023, at 19:59, Bogdan Rotariu wrote:
>>>
>>>> Yes, I did do that so I can filter AS-PATHS, but too many. I just activated again. For not spamming the list too much added just some of the output,, the full output is here: https://pastie.dev/CdnSr8.yaml
>>>>
>>>> [29.06.2023, 8:53:34,297 PM] Jun 29 20:53:34.351 BGP: Incoming TCP connection. peer 10.11.1.15 OKed
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: Rcv incoming TCP connection UP. handle a001143a:1b7fadf4, key 0
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 Connection Collision, connection_up=0
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 Accept incoming TCP connection from peer, local IP 10.11.1.4
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 TCP Connection opened
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 sending MultiProtocol cap, afi/safi=1/1, length 4
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 sending 4-octet ASN cap, asn=56430, length 4
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 fbit is 0, for AFI/SAFI 1/1
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 sending Graceful Restart cap, rbit 0, time 120, length 6
>>>> [29.06.2023, 8:53:34,299 PM] Jun 29 20:53:34.352 BGP: 10.11.1.15 sending OPEN, My asn=56430 holdTime=90 route_refresh=1 cooperative= 1, restart 1/0
>>>> [29.06.2023, 8:53:34,300 PM] Jun 29 20:53:34.355 BGP: 10.11.1.15 rcv OPEN w/Option parameter length 20, My asn 56430, hold_time 180
>>>> [29.06.2023, 8:53:34,300 PM] Jun 29 20:53:34.355 BGP: 10.11.1.15 rcv OPEN w/Option parameter length 20
>>>> [29.06.2023, 8:53:34,300 PM] Jun 29 20:53:34.355 BGP: 10.11.1.15 rcv capability 2, len 0
>>>> [29.06.2023, 8:53:34,300 PM] Jun 29 20:53:34.355 BGP: 10.11.1.15 rcv 4-octet ASN capability 65, len 4, asn=56430,
>>>> [29.06.2023, 8:53:34,300 PM] Jun 29 20:53:34.355 BGP: 10.11.1.15 rcv MP_EXT capability 1, len 4, afi/safi=1/1
>>>> [29.06.2023, 8:53:34,300 PM] Jun 29 20:53:34.355 BGP: 10.11.1.15 rcv Graceful Restart capability 64, len 2, rbit 0, time 0
>>>> [29.06.2023, 8:53:34,301 PM] Jun 29 20:53:34.357 BGP: 10.11.1.15 Peer went to ESTABLISHED state
>>>>
>>>> [29.06.2023, 8:53:35,495 PM] Jun 29 20:53:35.549 BGP: 10.11.1.15 received invalid AGGREGATOR attribute flag (0xd0)
>>>> [29.06.2023, 8:53:35,495 PM] Jun 29 20:53:35.549 BGP: 10.11.1.15 received invalid AGGREGATOR attribute flag (0xd0)
>>>> [29.06.2023, 8:53:35,495 PM] Jun 29 20:53:35.549 BGP: 10.11.1.15 sending NOTIFICATION 3/4 (Attribute Flags Error)
>>>> [29.06.2023, 8:53:35,495 PM] Jun 29 20:53:35.549 BGP: 10.11.1.15 reset due to BGP notification sent
>>>> [29.06.2023, 8:53:35,496 PM] Jun 29 20:53:35.549 BGP: 10.11.1.15 Closing TCP connection 0x00000002
>>>> [29.06.2023, 8:53:35,496 PM] Jun 29 20:53:35.550 BGP: 10.11.1.15 BGP connection closed
>>>> [29.06.2023, 8:53:35,496 PM] Jun 29 20:53:35.550 BGP: 10.11.1.15 Peer went to IDLE state (Attribute Flags Error)
>>>> [29.06.2023, 8:53:35,496 PM] Jun 29 20:53:35.550 BGP: 10.11.1.15 Peer already in IDLE state, stays in IDLE state.
>>>> [29.06.2023, 8:53:35,496 PM] Jun 29 20:53:35.550 BGP: Attribute Error: BGP: 10.11.1.15 rcv UPDATE w/attr: Origin=IGP AS_PATH= AS_SEQ(2) 8708 5606 44418 44418 44418 NextHop=10.11.1.15 LOCAL_PREF=100 ATOMIC_AGGREGATE COMMUNITY=8708:100
>>>> [29.06.2023, 8:53:35,544 PM] Jun 29 20:53:35.600 BGP: 10.11.1.15 RIB_out peer reset #RIB_out 0 (safi 0)
>>>>
More information about the foundry-nsp
mailing list