<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Job, (Mikael)<br>
</p>
<p>Some more detail.<br>
</p>
<div class="moz-cite-prefix">On 1/8/2019 3:48 AM, Job Snijders
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CACWOCC8wo_4FUbUSADgouyjp1w2Qv5Q7-9RVbq4fO0S-7VN=KA@mail.gmail.com">
<div>
<div>
<div dir="auto">Dear Lou,</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">I have some follow up questions:</div>
<div dir="auto"><br>
</div>
<div dir="auto">- when was this bug introduced?</div>
</div>
</blockquote>
<p>The VNC code was submitted as a patch to Quagga in 2014, although
authored a bit earlier - basically at the same time RFC5566 was
being worked. It was included in the original FRR release.</p>
<p>The issue was related to a development attribute that was
intended to be disabled in production use. Per rfc2042, the (VNC)
code was using 255 as a development value for features that ended
up never being standardized. The intent was to disable this usage
for non-development use. Since 255 was a known attribute, the
parsing code (bgp_attr.c) tried to parse the attribute that was
generated as part of the experiment -- and failed as it was an
unknown format. This failure in turn resulted in common attribute
parsing error behavior being triggered, which is governed by
<a class="moz-txt-link-freetext" href="https://tools.ietf.org/html/rfc4271#section-6.3">https://tools.ietf.org/html/rfc4271#section-6.3</a> and RFC4271 Page
74, event 28.</p>
<p><br>
</p>
<blockquote type="cite"
cite="mid:CACWOCC8wo_4FUbUSADgouyjp1w2Qv5Q7-9RVbq4fO0S-7VN=KA@mail.gmail.com">
<div>
<div dir="auto"><br>
</div>
<div dir="auto">- why is the session flapping at all? Doesn’t
RFC 7606 suggest to handle such instances in a more graceful
way, aka “treat-as-withdraw” rather than destroy the world and
kill the session? Or perhaps rfc 5512 section 6 is of
relevance too.</div>
</div>
</blockquote>
<p>As Donald mentioned, FRR does not yet support 7606, so FRR
behaves per RFC4271 Page 74, event 28.<br>
</p>
<blockquote type="cite"
cite="mid:CACWOCC8wo_4FUbUSADgouyjp1w2Qv5Q7-9RVbq4fO0S-7VN=KA@mail.gmail.com">
<div>
<div dir="auto"><br>
</div>
<div dir="auto">- what timeline do you propose? Right now these
quagga deployments are obstructing legitimate research (the
experiment isn’t about finding broken BGP implementations).</div>
<div dir="auto"><br>
</div>
</div>
</blockquote>
<p>Thanks to the hard work of notably Donald and Martin the code is
in and releases are being rolled.</p>
<p>The fix is to disable usage of the development attribute type [1]
and long term to implement 7606 [2].</p>
<p>Lou</p>
<p>[1]<a class="moz-txt-link-freetext" href="https://github.com/FRRouting/frr/commit/943d595a018e69b550db08cccba1d0778a86705a#diff-d081a503fd40b967e697f8114c83ab58">https://github.com/FRRouting/frr/commit/943d595a018e69b550db08cccba1d0778a86705a#diff-d081a503fd40b967e697f8114c83ab58</a></p>
<p>[2] <a class="moz-txt-link-freetext" href="https://github.com/FRRouting/frr/issues/3583">https://github.com/FRRouting/frr/issues/3583</a><br>
</p>
<p><br>
</p>
<blockquote type="cite"
cite="mid:CACWOCC8wo_4FUbUSADgouyjp1w2Qv5Q7-9RVbq4fO0S-7VN=KA@mail.gmail.com">
<div>
<div dir="auto">Kind regards,</div>
<div dir="auto"><br>
</div>
<div dir="auto">Job</div>
</div>
<div>
<div><br>
<div class="gmail_quote">
<div dir="ltr">On Tue, Jan 8, 2019 at 11:31 Lou Berger &lt;<a
href="mailto:lberger@labn.net" target="_blank"
moz-do-not-send="true">lberger@labn.net</a>&gt; wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">To add
some more detail here. The root cause of this issue
was the <br>
use of a BGP attribute reserved for development in the VNC
code[1]. The <br>
original intent was to disable use of this attribute by
VNC[1] and FRR <br>
in production, but this didn't happen. My apologies for
this. A proper <br>
fix has been submitted for all active releases and is
undergoing <br>
testing. For those who are interested, release specific
PRs can be <br>
found at [3].<br>
<br>
Lou<br>
<br>
[3] <a href="https://github.com/FRRouting/frr/pulls"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://github.com/FRRouting/frr/pulls</a><br>
<br>
On 1/7/2019 1:31 PM, Quentin Young wrote:<br>
> Hello operators,<br>
><br>
> This morning some users running FRR BGP noticed that
their sessions were<br>
> flapping. Investigation revealed that this was caused
by an experiment being<br>
> run by SwiNOG [0] which was triggering an undesired
code path in FRR.<br>
> Specifically, FRR uses attribute type 0xFF as the
attribute code for VNC [1].<br>
> This code was intended to be turned off by default,
but our current published<br>
> builds [2] have it turned on. Consequently, bgpd
attempts to parse the received<br>
> attribute as a VNC attribute and fails, triggering a
session reset.<br>
><br>
> We have a patch in testing now and expect to have new
build artifacts published<br>
> shortly. Additionally, we have contacted the
experiment operators and requested<br>
> a pause in the experiment while we handle this issue.<br>
><br>
> Thank you to the operators that notified us this
morning!<br>
><br>
> - FRR maintainer team<br>
><br>
> [0] <a
href="http://lists.swinog.ch/public/swinog/2018-December/007110.html"
rel="noreferrer" target="_blank" moz-do-not-send="true">http://lists.swinog.ch/public/swinog/2018-December/007110.html</a><br>
> [1] <a
href="http://docs.frrouting.org/en/latest/vnc.html"
rel="noreferrer" target="_blank" moz-do-not-send="true">http://docs.frrouting.org/en/latest/vnc.html</a><br>
> [2] <a
href="https://github.com/FRRouting/frr/releases"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://github.com/FRRouting/frr/releases</a><br>
> _______________________________________________<br>
> frog mailing list<br>
> <a href="mailto:frog@lists.frrouting.org"
target="_blank" moz-do-not-send="true">frog@lists.frrouting.org</a><br>
> <a href="https://lists.frrouting.org/listinfo/frog"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://lists.frrouting.org/listinfo/frog</a><br>
<br>
</blockquote>
</div>
</div>
</div>
</blockquote>
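<p>Added example, not code from FRR or from any message in this thread: a C sketch of the three outcomes the reply above describes for one received path attribute of type 255 (session reset when the type is treated as known and fails to parse, pass-along when the development type is disabled, treat-as-withdraw under RFC 7606). The bgp_cfg knobs, the dev_attr_parse stand-in format and the sample bytes are assumptions constructed for illustration; the sketch recognizes no other attribute types.</p>

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { FLAG_OPTIONAL = 0x80, FLAG_TRANSITIVE = 0x40, FLAG_EXT_LEN = 0x10 };
#define ATTR_DEV 255 /* development attribute type named in the thread */

enum outcome { ATTR_OK, PASS_ALONG, IGNORED, SESSION_RESET, TREAT_AS_WITHDRAW };
struct bgp_cfg { int dev_attr_enabled; int rfc7606; }; /* hypothetical knobs */

/* Constructed sample: optional transitive, type 255, 4 value bytes. */
static const uint8_t SAMPLE[] = { 0xC0, 0xFF, 0x04, 0x01, 0x09, 0x00, 0x00 };

/* Stand-in for the development parser (NOT the VNC format): the value
 * must be a run of type/length/value records that fills it exactly. */
static int dev_attr_parse(const uint8_t *v, size_t len)
{
    size_t off = 0;
    while (off < len) {
        if (len - off < 2 || (size_t)v[off + 1] > len - off - 2)
            return -1;
        off += 2 + (size_t)v[off + 1];
    }
    return 0;
}

/* Decide what happens to the UPDATE carrying one path attribute. */
enum outcome handle_attr(const uint8_t *buf, size_t len, struct bgp_cfg cfg)
{
    enum outcome malformed = cfg.rfc7606 ? TREAT_AS_WITHDRAW : SESSION_RESET;
    size_t hdr = (len && (buf[0] & FLAG_EXT_LEN)) ? 4 : 3;
    if (len < hdr)
        return malformed;
    size_t alen = hdr == 4 ? ((size_t)buf[2] << 8 | buf[3]) : buf[2];
    if (alen > len - hdr)
        return malformed;
    if (buf[1] == ATTR_DEV && cfg.dev_attr_enabled) /* type is "known" */
        return dev_attr_parse(buf + hdr, alen) ? malformed : ATTR_OK;
    if (!(buf[0] & FLAG_OPTIONAL)) /* unrecognized well-known: RFC 4271 6.3 */
        return SESSION_RESET;      /* (RFC 7606 not modelled for this case) */
    return (buf[0] & FLAG_TRANSITIVE) ? PASS_ALONG : IGNORED;
}

int main(void)
{
    printf("development type enabled, RFC 4271 handling: %d\n",
           handle_attr(SAMPLE, sizeof SAMPLE, (struct bgp_cfg){ 1, 0 }));
    return 0;
}
```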
</body>
</html>