On Sat, Aug 28, 2010 at 01:09:47PM +0200, Leen Besselink wrote: > On 08/28/2010 11:39 AM, Saku Ytti wrote: > > On (2010-08-28 18:20 +0900), Randy Bush wrote: > > > > > >> a bgp regression suite would not have caught this as it was not a > >> repeat. but it sure would be useful to implementors. > >> > > Naturally 'proving' that non-trivial software works is practically > > impossible. But stating what non-existing test-suite would or would not > > have covered is not a topic I'm particularly interested to engage. > > > > > > > I suggest the test-tool has 2 bgp-sessions and tests if what it put in > did or did not come out on the otherside and in what shape or form. > > There are already atleast 2 projects which have BGP-code which could > probably be adapted: > http://code.google.com/p/exabgp/ > http://code.google.com/p/bgpsimple/ > > Can I suggest a fuzzer as wel ? > >
There was once cert-bgp-testcases-28may03-final.tar.gz which did some testing (including expected responses). I use it from time to time. >From the README: For more information see the NANOG 28 (http://www.nanog.org) presentation ... "BGP Vulnerability Testing: Separating Fact from FUD" by Sean Convery (s...@cisco.com) and Matthew Franz (mfr...@cisco.com) But my quick googeling failed to locate a link to it. -- :wq Claudio