Re: OpenBGPD Flaps, 32bit ASn in the wild.

Wed, 10 Dec 2008 14:39:31 -0800 

On Wed, Dec 10, 2008 at 04:47:31PM -0500, Ted Unangst wrote:
> On Wed, Dec 10, 2008 at 4:38 PM, Claudio Jeker <[EMAIL PROTECTED]> wrote:
> > I looked at the porblem and I'm currently unsure what the best way is to
> > handle such bad AS4_* attributes. The RFC in all its glory does not
> > mention how to handle errors. So at the moment I'm in favor of just
> > dropping/ignoring the bad optional attribute but I need to recheck with
> > the BGP RFC to see if this is valid. Another solution is to ignore the
> > full update but I have a bad feeling about that.
> 
> Can you ignore just the route with the bad attribute?  We don't want
> to propagate it more.
> 

The best thing we can do is to mark the update as ineligible so it will
not propaget further and will not be used but this is a quite radical
measure. On the other hand this is porbably the safest way to handle this
error.

Comments?
-- 
:wq Claudio

Index: rde.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving revision 1.232
diff -u -p -r1.232 rde.c
--- rde.c       15 Jun 2008 10:03:46 -0000      1.232
+++ rde.c       10 Dec 2008 22:30:38 -0000
@@ -797,8 +797,10 @@ rde_update_dispatch(struct imsg *imsg)
                /*
                 * if either ATTR_NEW_AGGREGATOR or ATTR_NEW_ASPATH is present
                 * try to fixup the attributes.
+                * XXX do not fixup if F_ATTR_LOOP is set.
                 */
-               if (asp->flags & F_ATTR_AS4BYTE_NEW)
+               if (asp->flags & F_ATTR_AS4BYTE_NEW &&
+                   !(asp->flags & F_ATTR_LOOP))
                        rde_as4byte_fixup(peer, asp);
 
                /* enforce remote AS if requested */
@@ -1347,10 +1349,16 @@ bad_flags:
                    ATTR_PARTIAL))
                        goto bad_flags;
                if (aspath_verify(p, attr_len, 1) != 0) {
-                       /* XXX draft does not specify how to handle errors */
-                       rde_update_err(peer, ERR_UPDATE, ERR_UPD_ASPATH,
-                           NULL, 0);
-                       return (-1);
+                       /*
+                        * XXX RFC does not specify how to handle errors.
+                        * XXX Instead of dropping the session because of a
+                        * XXX bad path just mark the full update as not
+                        * XXX loop-free the update is no longer eligible and
+                        * XXX will not be considered for routing or
+                        * XXX redistribution. Something better is needed.
+                        */
+                       a->flags |= F_ATTR_LOOP;
+                       goto optattr;
                }
                a->flags |= F_ATTR_AS4BYTE_NEW;
                goto optattr;

Reply via email to