On Aug 27, 2010, at 5:37 PM, bmann...@vacation.karoshi.com wrote:
come on Chris, is the Internet an experiment or not? :)
one would think that a responsible party would have made
efforts to let others in the "playground" know they were
going to try something different that could have ramifications
on an unkown distribution of some code bases.
I'm assuming that they weren't really expecting this to cause
issues... Where does one draw the line? I'm planning on announcing
x.y.z.0/20 later in the week -- x, y and z are all prime and the sum
of all 3 is also a prime. There is a non-zero chance that something
somewhere will go flooie, shall I send mail now or later?
Also, I would prefer that this gets discovered and dealt with (in this
case by stopping the announcement :-)) than having folk not willing to
try things and ending up with a weaponized version...
W
I'm not asking my vendor or (in the case of OSS) me to run
"full bit sweeps"... but a heads up to some of the known
ops lists would have been not only welcome but expected.
as usual, YMMV
--bill
On Fri, Aug 27, 2010 at 04:11:32PM -0400, Christopher Morrow wrote:
On Fri, Aug 27, 2010 at 4:07 PM, Mike Gatti <ekim.it...@gmail.com>
wrote:
where's the change management process in all of this.
basically now we are going to starting changing things that can
potentially have an adverse affect on users without letting anyone
know
before hand .... Interesting concept.
you are running bgp, you are connected to the 'internet'... congrats
you are part of the experiment.
I suppose one view is that "at least it wasn't someone with ill
intent, or a misconfigured mikrotek!"
(you are asking your vendors to run full bit sweeps of each protocol
in a regimented manner checking for all possible edge cases and
properly handling them, right?)
-chris
On Aug 27, 2010, at 3:33 PM, Dave Israel wrote:
On 8/27/2010 3:22 PM, Jared Mauch wrote:
When you are processing something, it's sometimes hard to tell
if something
just was mis-parsed (as I think the case is here with the
"missing-2-bytes")
vs just getting garbage. Perhaps there should be some way to
"re-sync" when
you are having this problem, or a parallel "keepalive" path
similar to
MACA/MCAS/MIDCAS/TCAS between the devices to talk when something
bad is
happening.
I know it wasn't there originally, and isn't mandatory now, but
there is
an MD5 hash that can be added to the packet. If the TCP hash
checks
out, then you know the packet wasn't garbled, and just contained
information you didn't grok. That seems like enough evidence to
be able
to shrug and toss the packet without dropping the session.
-Dave
=+=+=+=+=+=+=+=+=+=+=+=+=
Mike Gatti
ekim.it...@gmail.com
=+=+=+=+=+=+=+=+=+=+=+=+=
--
What our ancestors would really be thinking, if they were alive today,
is: "Why is it so dark in here?"
-- (Terry Pratchett, Pyramids)
