[FROG] Advisory - FRR BGP peer flaps @ 2019-01-07
Lou Berger
lberger at labn.net
Mon Jan 7 15:24:53 EST 2019
To add some more detail here. The root cause of the this issue was the
use of a BGP attribute reserved for development in the VNC code[1]. The
original intent was to disable use of this attribute by VNC[1] and FRR
in production, but this didn't happen. My apologies for this. A proper
fix has been submitted for all active releases and is undergoing
testing. For those who are interested, release specific PRs can be
found at [3].
Lou
[3] https://github.com/FRRouting/frr/pulls
On 1/7/2019 1:31 PM, Quentin Young wrote:
> Hello operators,
>
> This morning some users running FRR BGP noticed that their sessions were
> flapping. Investigation revealed that this was caused by an experiment being
> run by SwiNOG [0] which was triggering an undesired code path in FRR.
> Specifically, FRR uses attribute type 0xFF as the attribute code for VNC [1].
> This code was intended to be turned off by default, but our current published
> builds [2] have it turned on. Consequently, bgpd attempts to parse the received
> attribute as a VNC attribute and fails, triggering a session reset.
>
> We have a patch in testing now and expect to have new build artifacts published
> shortly. Additionally, we have contacted the experiment operators and requested
> a pause in the experiment while we handle this issue.
>
> Thank you to the operators that notified us this morning!
>
> - FRR maintainer team
>
> [0] http://lists.swinog.ch/public/swinog/2018-December/007110.html
> [1] http://docs.frrouting.org/en/latest/vnc.html
> [2] https://github.com/FRRouting/frr/releases
> _______________________________________________
> frog mailing list
> frog at lists.frrouting.org
> https://lists.frrouting.org/listinfo/frog
More information about the frog
mailing list