Fwd: BGP session closed after receipt of flowspec route without destination prefix

Maria Matějka maria.matejka at nic.cz
Wed Feb 5 21:14:13 CET 2020 

Hello!

Well, RFC 5575 doesn't explicitly say that the flowspec rule must contain the destination chunk, anyway it specifies that these rules should be understood as additional information for unicast BGP prefixes.

Therefore we assume that the dst is de facto mandatory, despite de iure it is optional.

If there are more benevolent implementations, we may think about waiving this. I think we don't have any strong position on that, we just assume that flowspec is used in the way the RFC says which assumes dst always present. 

Maria 

On February 5, 2020 8:44:54 PM GMT+01:00, "Alex D." <listensammler at gmx.de> wrote:
>Hi,
>does anybody know something about the behavior observed ?
>Regards,
>Alex
>
>-------- Original-Nachricht --------
>Betreff: 	BGP session closed after receipt of flowspec route without
>destination prefix
>Datum: 	Fri, 24 Jan 2020 21:33:17 +0100
>Von: 	Alex D. <listensammler at gmx.de>
>An: 	bird-users at network.cz
>
>
>
>Hi,
>
>i configured the following flowspec route on a Juniper router:
>route v6test {
>     match {
>         source 2a02:xxxx:xxxx:xxxx::1/128;
>     }
>     then discard;
>}
>
>The route was accepted on my Juniper router and blocked all traffic
>from
>src ip 2a02:xxxx:xxxx:xxxx::1 as expected. After advertising the route,
>BIRD closed the BGP session. Is this an expected behaviour, means does
>is it necessary, that a dst prefix for a flowspec route must exist ?
>
>Log:
>2020-01-24 09:52:26.750 <RMT> vs_dis_r1_6838: No dst prefix at first
>pos
>2020-01-24 09:52:26.750 <RMT> vs_dis_r1_6838: Error: Malformed
>attribute
>list
>2020-01-24 09:52:26.750 <TRACE> vs_dis_r1_6838: BGP session closed
>
>BIRD accepted the route after changing to:
>route v6test {
>     match {
>         destination ::/0;
>         source 2a02:xxxx:xxxx:xxxx::1/128;
>     }
>     then discard;
>}
>
>Regards,
>Alex

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20200205/5f4a751f/attachment.htm>

More information about the Bird-users mailing list