Just to add my vote.
I'm with Claudio on this one.
Surely it's Input
Validation 101 .
Validate the input yes, but don't tamper with what's
not yours
It is not what we do and IMO trying to fiddle out bad path
attributes and still use the crippled rest smells like routing loops
There are, by the way, one or two interesting threads out there from the
commercial router world about the same topic..
http://www.merit.edu/mail.archives/nanog/msg14345.html
Hi,
On Fri, 30.01.2009 at 04:08:34 -0800, OpenBSD User
gb10hkzo-open...@yahoo.co.uk wrote:
Just to add my vote.
I'm with Claudio on this one.
me too.
Validate the input yes, but don't tamper with what's
not yours
After reading the thread on idr, I'm under the impression that the
Hi,
On Sat, 10.01.2009 at 12:11:03 -0600, tico t...@raapid.net wrote:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/bgpd/rde.c
looking at CVS, it seems that multiple patches are needed, right?
And we get the joy of threading them together ourselves, understanding
OpenBGPd's code in the
Hi,
On Thu, 29.01.2009 at 14:47:30 +0100, Toni Mueller openbsd-m...@oeko.net
wrote:
And we get the joy of threading them together ourselves, understanding
OpenBGPd's code in the process... maybe.
can I just plug in a bgpd from -current into a 4.4, or preferably 4.3
system, assuming that I
On Thu, Jan 29, 2009 at 03:28:14PM +0100, Toni Mueller wrote:
Hi,
On Thu, 29.01.2009 at 14:47:30 +0100, Toni Mueller openbsd-m...@oeko.net
wrote:
And we get the joy of threading them together ourselves, understanding
OpenBGPd's code in the process... maybe.
can I just plug in a bgpd
On 2009-01-29, Toni Mueller openbsd-m...@oeko.net wrote:
Hi,
On Sat, 10.01.2009 at 12:11:03 -0600, tico t...@raapid.net wrote:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/bgpd/rde.c
looking at CVS, it seems that multiple patches are needed, right?
And we get the joy of threading
Hi Stuart,
On Thu, 29.01.2009 at 16:52:55 +, Stuart Henderson s...@spacehopper.org
wrote:
This should work, but I run -current everywhere, I have no 4.4 boxes
to test it on.
thanks! I'll try that first, although I hoped to also bag the other
improvements while I'm at it.
Incidentally
Hi Claudio,
On Thu, 29.01.2009 at 17:13:32 +0100, Claudio Jeker cje...@diehard.n-r-g.com
wrote:
Will most probably not work. The -current bgpd has a reworked kroute.c
that needs a -current kernel.
thanks for confirming my doubts. Now I can try to find out whether the
changes in kroute.c are
On Thu, Jan 29, 2009 at 04:52:55PM +, Stuart Henderson wrote:
On 2009-01-29, Toni Mueller openbsd-m...@oeko.net wrote:
Hi,
On Sat, 10.01.2009 at 12:11:03 -0600, tico t...@raapid.net wrote:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/bgpd/rde.c
looking at CVS, it seems that
On 2009-01-29, Claudio Jeker cje...@diehard.n-r-g.com wrote:
On Thu, Jan 29, 2009 at 04:52:55PM +, Stuart Henderson wrote:
On 2009-01-29, Toni Mueller openbsd-m...@oeko.net wrote:
Hi,
On Sat, 10.01.2009 at 12:11:03 -0600, tico t...@raapid.net wrote:
Am 10.12.2008 um 23:32 schrieb Claudio Jeker:
The best thing we can do is to mark the update as ineligible so it
will
not propaget further and will not be used but this is a quite radical
measure. On the other hand this is porbably the safest way to handle
this
error.
Sound good for me.
Falk Brockerhoff wrote:
Am 10.12.2008 um 23:32 schrieb Claudio Jeker:
The best thing we can do is to mark the update as ineligible so it will
not propaget further and will not be used but this is a quite radical
measure. On the other hand this is porbably the safest way to handle
this
error.
Claudio Jeker wrote:
On Wed, Dec 10, 2008 at 04:47:31PM -0500, Ted Unangst wrote:
On Wed, Dec 10, 2008 at 4:38 PM, Claudio Jeker cje...@diehard.n-r-g.com wrote:
I looked at the porblem and I'm currently unsure what the best way is to
handle such bad AS4_* attributes. The RFC in all its
tico wrote:
Claudio Jeker wrote:
On Wed, Dec 10, 2008 at 04:47:31PM -0500, Ted Unangst wrote:
On Wed, Dec 10, 2008 at 4:38 PM, Claudio Jeker
cje...@diehard.n-r-g.com wrote:
I looked at the porblem and I'm currently unsure what the best way
is to
handle such bad AS4_* attributes. The
Hi All,
The AS at the company I work for running (OpenBSD 4.2 and 4.3) as well as
the AS run by a associate of mine (OpenBSD 4.4) experienced rather wild
route flaps earlier today. Quoted from Andy Davidson's post to nanog.
It seems that the prefix causing OpenBGPd speakers to die is
Ditto.
This has just caused me the same problems. Alex at Hurricane Electric
found this for me, and my ipv4 BGP sessions have *only* stabilized after
filtering out this prefix (4.4-RELEASE on i386).
I'll post up MRT dumps if anyone's interested.
-Tico
Peter Bristow wrote:
Hi All,
The AS
Hi all
We were one of the AS's affected by this -- it took down both of our
(otherwise very reliable!) OpenBSD 4.4 routers, and I spent much of this
afternoon diagnosing and then working around the problem.
The problem is that the AS4_PATH value being transmitted for prefix
91.207.218.0/23
tico wrote:
Ditto.
This has just caused me the same problems. Alex at Hurricane Electric
found this for me, and my ipv4 BGP sessions have *only* stabilized
after filtering out this prefix (4.4-RELEASE on i386).
I'll post up MRT dumps if anyone's interested.
-Tico
Peter Bristow wrote:
Hi
Hi
So either of you should contact the ukranian ISP who is at that
prefix; that is the problem, right?
Yes we've been in contact with said ISP. They have called out their on call
engineer and their upstreams are applying pressure. This time it was
unintentional. A rouge isp DoSing all
On Wed, Dec 10, 2008 at 09:19:42PM +, Peter Bristow wrote:
Hi
So either of you should contact the ukranian ISP who is at that
prefix; that is the problem, right?
Yes we've been in contact with said ISP. They have called out their on call
engineer and their upstreams are applying
So either of you should contact the ukranian ISP who is at that
prefix; that is the problem, right?
Yes we've been in contact with said ISP. They have called out their on call
engineer and their upstreams are applying pressure. This time it was
unintentional. A rouge isp DoSing all
On Wed, Dec 10, 2008 at 4:38 PM, Claudio Jeker [EMAIL PROTECTED] wrote:
I looked at the porblem and I'm currently unsure what the best way is to
handle such bad AS4_* attributes. The RFC in all its glory does not
mention how to handle errors. So at the moment I'm in favor of just
On Wed, Dec 10, 2008 at 04:47:31PM -0500, Ted Unangst wrote:
On Wed, Dec 10, 2008 at 4:38 PM, Claudio Jeker [EMAIL PROTECTED] wrote:
I looked at the porblem and I'm currently unsure what the best way is to
handle such bad AS4_* attributes. The RFC in all its glory does not
mention how to
24 matches
Mail list logo