Strange BGP announcement.

:: Scott Gifford writes ::

> > > Bays don't crash (at least not in the general case ... for example,
> > > mine stayed up this time and the last time this happened), but they do
> > > send a NOTIFY and bring down the BGP session, as required by the RFC.
> > > (I believe gated does this also.)

  In case any Bay Networks users didn't already know this, reasonably new
version of the system software have a switch to turn off this behavior:

1:TN]$g wfBgpPeerEntry.41.*
wfBgpPeerEntry.wfBgpPeerASLoopDetect.157.130.101.182.157.130.101.181 = 2
wfBgpPeerEntry.wfBgpPeerASLoopDetect.204.70.16.38.204.70.16.37 = 1
wfBgpPeerEntry.wfBgpPeerASLoopDetect.204.70.100.66.204.70.100.65 = 1
wfBgpPeerEntry.wfBgpPeerASLoopDetect.209.54.51.230.209.54.51.229 = 2
wfBgpPeerEntry.wfBgpPeerASLoopDetect.209.54.101.238.209.54.101.237 = 2

[1:TN]$set wfBgpPeerEntry.wfBgpPeerASLoopDetect.204.70.100.66.204.70.100.65 2
                          (41) (interface)
[1:TN]$commit

  Set this flag to '2' for each interface to keep your router from tearing
down BGP sessions when it finds a loop. Don't forget to commit
afterwards, and then to do a "save config config" so it will take after
you reboot.

This wasn't a loop. This was a malformed AS path. The length of the
entire AS Path attribute was 14 bytes, and the length of the first AS
Sequence segment was 7 AS's, even though there wasn't room to fit that
many in 14 bytes. (7AS's * 2 bytes each + 2 bytes for the segment
header, gives a minimum of 16 bytes needed.)

Does this attribute also disable detection of malformed AS Paths?

          - Brett (brettf@netcom.com)

:: Scott Gifford writes ::

> > > Bays don't crash (at least not in the general case ... for example,
> > > mine stayed up this time and the last time this happened), but

they do

> > > send a NOTIFY and bring down the BGP session, as required by the

RFC.

> > > (I believe gated does this also.)

  In case any Bay Networks users didn't already know this, reasonably new
version of the system software have a switch to turn off this behavior:

1:TN]$g wfBgpPeerEntry.41.*
wfBgpPeerEntry.wfBgpPeerASLoopDetect.157.130.101.182.157.130.101.181 = 2
wfBgpPeerEntry.wfBgpPeerASLoopDetect.204.70.16.38.204.70.16.37 = 1
wfBgpPeerEntry.wfBgpPeerASLoopDetect.204.70.100.66.204.70.100.65 = 1
wfBgpPeerEntry.wfBgpPeerASLoopDetect.209.54.51.230.209.54.51.229 = 2
wfBgpPeerEntry.wfBgpPeerASLoopDetect.209.54.101.238.209.54.101.237 = 2

[1:TN]$set

wfBgpPeerEntry.wfBgpPeerASLoopDetect.204.70.100.66.204.70.100.65 2

                          (41) (interface)
[1:TN]$commit

  Set this flag to '2' for each interface to keep your router from tearing
down BGP sessions when it finds a loop. Don't forget to commit
afterwards, and then to do a "save config config" so it will take after
you reboot.

This wasn't a loop. This was a malformed AS path. The length of the
entire AS Path attribute was 14 bytes, and the length of the first AS
Sequence segment was 7 AS's, even though there wasn't room to fit that
many in 14 bytes. (7AS's * 2 bytes each + 2 bytes for the segment
header, gives a minimum of 16 bytes needed.)

Does this attribute also disable detection of malformed AS Paths?

No.