Bjørn Mork wrote on 01/09/2023 10:52:
> But there's obviously not been enough thought applied to realize that
> optional transitive attributes must be considered evil by default. They
> can only be used after extremely careful parsing.
>
> This is the BGP version of
>
>   select * from mytable where field = $unvalidated_user_input;

it's not really. If the receiving BGP stack understands the attribute,
then it should be parsed as default, i.e. carefully. Unfortunately,
junos slipped up on this and didn't validate the input correctly, which
is a parsing bug. Param validation bugs happen. They shouldn't happen,
but they do.

If an intermediate router doesn't understand a transitive attribute, it
should be ignored, and life should move on.

The problems arise in two situations:

1. malformed attribute, i.e. this situation.

2. vendors squatting path attribute values which are then assigned for
other purposes. This is a subset of #1, but is messy and difficult to
rectify when it happens. Great for fuzzing, not so good for production
networks.

Nick
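
Added example, not part of the original message and not any vendor's code: a minimal Python walk over a BGP path-attribute block that validates the attributes it understands, carries an unrecognized optional transitive attribute through opaquely with the Partial bit set, and rejects structurally malformed input. The function names, the two-entry handler table and the sample bytes (with type codes 254 and 255 standing in for "unknown") are assumptions made for illustration.

```python
import struct

# Attribute flag bits (RFC 4271, section 4.3)
OPTIONAL, TRANSITIVE, PARTIAL, EXT_LEN = 0x80, 0x40, 0x20, 0x10

class MalformedAttribute(ValueError):
    """Structural or per-type validation failure; the caller picks the response."""

def check_origin(value):            # type 1: exactly one octet, value 0..2
    if len(value) != 1 or value[0] > 2:
        raise MalformedAttribute("ORIGIN")

def check_communities(value):       # type 8: non-zero multiple of 4 octets
    if not value or len(value) % 4:
        raise MalformedAttribute("COMMUNITIES")

# Hypothetical handler table: type code -> (required O/T flag bits, validator)
KNOWN = {1: (TRANSITIVE, check_origin),
         8: (OPTIONAL | TRANSITIVE, check_communities)}

def walk_attributes(buf):
    """Return [(type, action, bytes_to_propagate)] for one path-attribute block."""
    out, pos = [], 0
    while pos < len(buf):
        flags = buf[pos]
        hdr = 4 if flags & EXT_LEN else 3          # flags + type + 1 or 2 length octets
        if len(buf) - pos < hdr:
            raise MalformedAttribute("truncated attribute header")
        code = buf[pos + 1]
        length = (struct.unpack_from("!H", buf, pos + 2)[0]
                  if flags & EXT_LEN else buf[pos + 2])
        end = pos + hdr + length
        if end > len(buf):                         # never read past the block
            raise MalformedAttribute(f"type {code}: length overruns block")
        if code in KNOWN:                          # understood: validate before use
            want, check = KNOWN[code]
            if (flags & (OPTIONAL | TRANSITIVE)) != want:
                raise MalformedAttribute(f"type {code}: flags contradict type")
            check(buf[pos + hdr:end])
            out.append((code, "parsed", buf[pos:end]))
        elif not flags & OPTIONAL:                 # unknown well-known attribute
            raise MalformedAttribute(f"type {code}: unrecognized well-known")
        elif flags & TRANSITIVE:                   # unknown: value untouched, Partial set
            out.append((code, "forwarded", bytes([flags | PARTIAL]) + buf[pos + 1:end]))
        else:                                      # unknown non-transitive: not passed on
            out.append((code, "ignored", b""))
        pos = end
    return out
# Constructed sample: ORIGIN, COMMUNITIES 65000:100, unknown type 255 (transitive), 254 (not)
SAMPLE = bytes.fromhex("40010100" "c00804fde80064" "c0ff02beef" "80fe00")
```

The unknown attribute's value is never interpreted here, only bounded by its declared length; interpretation, and therefore validation, happens only for type codes the speaker has a handler for.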