[rbak-nsp] BGP Flapping after update with malformed ASPATH

Thu Jun 21 06:03:24 EDT 2018

Anyone has 12.1.1.12p15 ? The last one i've seen is SEOS-12.1.1.12-p13.

Best regards,

-- 
Wojciech Wrona

W dniu 21.06.2018 o 09:18, Николай Михайлов pisze:
> Hello,
>
> The fix is available on 12.1.1.12p15 version of the software.
>
> Thanks.
>
> 2018-05-30 11:08 GMT+02:00 Marcin Kuczera <marcin at leon.pl 
> <mailto:marcin at leon.pl>>:
>
>     On 2018-05-29 14:19, Marcin Kuczera wrote:
>>     On 2018-05-29 13:07, Wojciech Wrona wrote:
>>>     Marcin Can You tell anything more? I didn't notice any problem
>>>     in decoded aspath in update message (my post before) what did i
>>>     wrong ? :)
>>     AS Path was in fact empty, all ASes in {} brackets were taken
>>     from confederation, but AS-Path itself was empty, and that should
>>     not be sent from RouteServer.
>     An update - after deeper analysing, according to RFC - update was
>     correct, and SEOS should accept it but:
>     - this is a very interesting case of misconfiguration that should
>     not happen in normal usage cases
>     - can only happen in IX when connected to RS that removes it's AS
>     as first AS from AS-patch
>     - it looks like RFC bug, because such config was never considered
>     as possible and maybe RFC needs to be updated in future to avoid
>     such cases.
>
>     Regards,
>     Marcin
>
>
>
>>
>>     Marcin
>>
>>>
>>>     Best regards,
>>>     -- 
>>>     Wojciech Wrona
>>>     W dniu 29.05.2018 o 12:41, Marcin Kuczera pisze:
>>>>
>>>>     Fixed.
>>>>     The problem was located in TPIX, and had been fixed.
>>>>     And that was not a SEOS fault. SEOS behaves correctly. Question
>>>>     is why Juniper passed malformed update...
>>>>
>>>>     Regards,
>>>>     Marcin
>>>>
>>>>     On 2018-05-29 10:58, Wojciech Wrona wrote:
>>>>>     Hi everyone,
>>>>>     It looks like we've managed to find another strange problem
>>>>>     with BGP on SEOS. In the night one of our peers session
>>>>>     started to flap with following message:
>>>>>     May 29 10:52:01: [0001]: %BGP-6-INFO: 195.149.233.1 UP
>>>>>     May 29 10:52:15: [0001]: %BGP-6-INFO: 195.149.233.1 DOWN -
>>>>>     Notification sent
>>>>>     May 29 10:52:15: [0001]: %BGP-6-INFO: 195.149.233.1 send
>>>>>     NOTIFICATION: 3/11 (update: malformed ASPATH) with 21 byte
>>>>>     data. mxReadMs=1555
>>>>>
>>>>>     It does not look like previously mentioned attribute flag
>>>>>     error. Does anyone had something simillar ? It is a session
>>>>>     with route server, so i know about "no enforce first-as"
>>>>>     option and it is turned on, it was working fine till this
>>>>>     night with no configuration change on our side.
>>>>>
>>>>>     "show bgp malform update" looks like this:
>>>>>     May 29 10:52:15 Malformed UPDATE msg (nbr 195.149.233.1,
>>>>>     context 0x40080001, 77 bytes, repeated 5 times, reason:
>>>>>     Invalid msg) -
>>>>>      ffff ffff ffff ffff ffff ffff ffff ffff 004d 0200 0000 3240
>>>>>     0101 0040 0212 0104 0000 17d9 0000 183e 0000 1840 0000 1967
>>>>>     4003 04c3 95e9 6480 0404 0000 0000 c007 0800 0073 5fc3 95ef
>>>>>     ff16 c395 ec
>>>>>
>>>>>     SEOS version SEOS-12.1.1.11p7-Release
>>>>>
>>>>>     Thanks in advance,
>>>>>     Best regards,
>>>>>
>>>>
>>>>     -- 
>>>>
>>>>     Marcin Kuczera / Wiceprezes Zarządu / CTO
>>>>     +48 32 440 80 71/ marcin.kuczera at leon.pl
>>>>     <mailto:marcin.kuczera at leon.pl>
>>>>
>>>>     Leon Sp. z o.o.
>>>>     ul. Kilińskiego 33d, 44-200 Rybnik
>>>>     http://www.leon.pl/
>>>>
>>>>     INTERNET | TELEWIZJA | TELEFON
>>>>
>>>>     KRS 0000223101 Sąd Rejonowy w Gliwicach
>>>>     Kapitał zakładowy 576.700 zł
>>>>     NIP: 6332068698
>>>>
>>>>
>>>>
>>>>     _______________________________________________
>>>>     redback-nsp mailing list
>>>>     redback-nsp at puck.nether.net <mailto:redback-nsp at puck.nether.net>
>>>>     https://puck.nether.net/mailman/listinfo/redback-nsp
>>>>     <https://puck.nether.net/mailman/listinfo/redback-nsp>
>>>
>>>
>>>
>>>     _______________________________________________
>>>     redback-nsp mailing list
>>>     redback-nsp at puck.nether.net <mailto:redback-nsp at puck.nether.net>
>>>     https://puck.nether.net/mailman/listinfo/redback-nsp
>>>     <https://puck.nether.net/mailman/listinfo/redback-nsp>
>>
>>
>>     -- 
>>
>>     Marcin Kuczera / Wiceprezes Zarządu / CTO
>>     +48 32 440 80 71/ marcin.kuczera at leon.pl
>>     <mailto:marcin.kuczera at leon.pl>
>>
>>     Leon Sp. z o.o.
>>     ul. Kilińskiego 33d, 44-200 Rybnik
>>     http://www.leon.pl/
>>
>>     INTERNET | TELEWIZJA | TELEFON
>>
>>     KRS 0000223101 Sąd Rejonowy w Gliwicach
>>     Kapitał zakładowy 576.700 zł
>>     NIP: 6332068698
>>
>>
>>
>>     _______________________________________________
>>     redback-nsp mailing list
>>     redback-nsp at puck.nether.net <mailto:redback-nsp at puck.nether.net>
>>     https://puck.nether.net/mailman/listinfo/redback-nsp
>>     <https://puck.nether.net/mailman/listinfo/redback-nsp>
>
>
>     -- 
>
>     Marcin Kuczera / Wiceprezes Zarządu / CTO
>     +48 32 440 80 71/ marcin.kuczera at leon.pl
>     <mailto:marcin.kuczera at leon.pl>
>
>     Leon Sp. z o.o.
>     ul. Kilińskiego 33d, 44-200 Rybnik
>     http://www.leon.pl/
>
>     INTERNET | TELEWIZJA | TELEFON
>
>     KRS 0000223101 Sąd Rejonowy w Gliwicach
>     Kapitał zakładowy 576.700 zł
>     NIP: 6332068698
>
>
>     _______________________________________________
>     redback-nsp mailing list
>     redback-nsp at puck.nether.net <mailto:redback-nsp at puck.nether.net>
>     https://puck.nether.net/mailman/listinfo/redback-nsp
>     <https://puck.nether.net/mailman/listinfo/redback-nsp>
>
>
>
>
> _______________________________________________
> redback-nsp mailing list
> redback-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/redback-nsp

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20180621/66594af2/attachment-0001.html>