Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Global BGP - 2001-06-23

  • From: lucifer
  • Date: Tue Jun 26 00:01:50 2001

Jared Mauch wrote:
> 
> On Mon, Jun 25, 2001 at 02:38:32PM -0700, lucifer@lightbearer.com wrote:
> > Can anyone verify whether Cisco still does BGP this way? (Propagate, then
> > kill origionating session). If so, it rather clearly answers the question
> > about how this managed to make it throughout the network...
> 
> 	I'm fairly sure that is not the case anymore.
> 
> > (For the record: I'm not trying to Cisco-bash here. All vendors have
> > problems, and when you have a huge market share, your problems tend to
> > show up much more obviously, when they appear. However, Cisco does still
> > have a huge market share, meaning this affected a whole lot of people,
> > if true... so, I'm curious).
> 
> 	From what I can tell this time it was not ciscos fault.  It
> appears that the vendor that had the problem just had an issue with
> a specific "valid" announcement that others propogated to it.

All I can say is that the only report I have had about what caused the
whole mess to start was a Cisco BugID regarding a mangling done by some
IOS versions on a particular sort of route update that made it invalid
(or perhaps, "more invalid"). And if Cisco is no longer propagating routes
before shutting down the source session, then we're back to wondering how
this particular issue managed to cause flaps at the same time across at
least 5 "big player" networks that I've had reports about (including 3
by direct observation), at the same time. This person must have some pretty
impressive connectivity, if they managed to get what appears to be well
over a dozen routers at the absolute minimum, and more likely in the range
of "hundreds" if the rumor volume is at all accurate, to each display the
bug (since, if a bad announcement isn't propagated, it will never reach
anything but the direct peers; thus, this person would have to be directly
peered with every router that anyone saw flapping sessions to a customer).

Now, I'll grant, it would be possible to do this, but for them to have
hit just *our* network, they would have to be on 3 major carries in 3
states, including some places that a normal class B-type announcer just
isn't terribly likely to have a peering session.

> 	What is interesting is one could use this to see what
> providers are using vendor "X" at exchange points.

Quite true. Though I suspect that in some cases, this might only tell you
what routing code they use. Making too many inferences is probably unwise.
Especially given the number of folks who thought they knew who "X" was,
only to state their guess and come out wrong...
-- 
***************************************************************************
Joel Baker                           System Administrator - lightbearer.com
lucifer@lightbearer.com              http://www.lightbearer.com/~lucifer




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.