[rbak-nsp] New old BGP issue.
Pawel Jarosz
pj at hostersi.pl
Fri Dec 2 05:56:18 EST 2011
Hi,
there is another BGP issue, known since 2008.
Oversized as path causes BGP session to be torn down,
this is ok from RFC point of view, but mostly inacceptable in public network.
I have checked this on SEOS-6.4.1.3-Release, and the issue exists.
PoC available on request.
Cisco has resolved this:
http://www.cisco.com/en/US/docs/ios/12_3/release/notes/123mcav2.html
•CSCeh13489
Symptoms: A router may reset its Border Gateway Protocol (BGP) session.
Conditions: This symptom is observed when a Cisco router that peers with
other routers receives an Autonomous System (AS) path with a length that
is equal to or greater than 255.
Workaround: Configure the bgp maxas limit command in such as way that the
maximum length of the AS path is a value below 255. When the router
receives an update with an excessive AS path value, the prefix is rejected
and recorded the event in the log.
Is there a way to avoid this strict RFC behavior in SeOS?
Regards,
Pawel Jarosz
More information about the redback-nsp
mailing list