[FROG] [dev] New Releases of FRR
Italo Cunha
cunha at dcc.ufmg.br
Wed Jan 23 12:21:14 EST 2019
Due to new incident reports, these experiments have been canceled permanently.
On Tue, Jan 22, 2019 at 9:19 AM Italo Cunha <cunha at dcc.ufmg.br> wrote:
>
> Hi all,This is a reminder that this experiment is scheduled for
> tomorrow (Wednesday, Jan. 23rd). We will announce 184.164.224.0/24
> carrying a BGP attribute of type 0xff (reserved for development)
> between 14:00 and 14:15 GMT.
> On Thu, Jan 10, 2019 at 12:08 PM Italo Cunha <cunha at dcc.ufmg.br> wrote:
> >
> > FRR users,
> >
> > We are the research team running the experiment that triggered this
> > issue (a description of the experiment is available [A]). We have
> > postponed our experiment schedule until Jan. 23rd to allow for a
> > two-week upgrade window [B]. Please let us know if you have any
> > feedback.
> >
> > [A] https://goo.gl/AFR1Cn
> > [B] https://goo.gl/nJhmx1
> >
> > --
> > Amir Herzberg, University of Connecticut
> > Ethan Katz-Bassett, Columbia University
> > Haya Shulman, Fraunhofer SIT
> > Ítalo Cunha, Universidade Federal de Minas Gerais
> > Michael Schapira, Hebrew University of Jerusalem
> > Tomas Hlavacek, Fraunhofer SIT
> > Yossi Gilad, MIT
> >
> > On Wed, Jan 9, 2019 at 8:36 PM Donald Sharp <sharpd at cumulusnetworks.com> wrote:
> > >
> > > All -
> > >
> > > On Monday a research group installed into the global BGP routing table
> > > a prefix with a attribute type of 0xFF, which is designated as
> > > experimental by BGP RFC's. FRR had a developmental escape that read
> > > this attribute incorrectly and caused the bgp peering session to flap.
> > > If you have compiled FRR with the `--enable-bgp-vnc` option and run
> > > BGP as a peer on the global routing table you are vulnerable to this
> > > issue. This issue has been fixed in FRR with this commit:
> > >
> > > https://github.com/FRRouting/frr/commit/943d595a018e69b550db08cccba1d0778a86705a
> > >
> > > We have applied this fix to the stable/3.0(3.0.4), stable/4.0(4.0.1),
> > > stable/5.0(5.0.2) and stable/6.0(6.0.2) branches. New releases can be
> > > found here:
> > >
> > > https://github.com/FRRouting/frr/releases/tag/frr-3.0.4
> > > https://github.com/FRRouting/frr/releases/tag/frr-4.0.1
> > > https://github.com/FRRouting/frr/releases/tag/frr-5.0.2
> > > https://github.com/FRRouting/frr/releases/tag/frr-6.0.2
> > >
> > > Snap packaging and the FreeBSD ports have been updated as well. We
> > > recommend you update your installation of FRR immediately.
> > >
> > > At this point we are applying for a CVE and will announce that
> > > information when we have it.
> > >
> > > In the near future we plan to implement RFC-7606 to handle this
> > > situation better in BGP, if you have any questions please feel free to
> > > email me, or to open up discussions on the frog alias.
> > >
> > > thanks!
> > >
> > > donald
> > >
> > > _______________________________________________
> > > dev mailing list
> > > dev at lists.frrouting.org
> > > https://lists.frrouting.org/listinfo/dev
More information about the frog
mailing list