RFC 9234 (BGP roles) possible bug

Mikhail Grishin magr at ripn.net
Thu May 11 14:06:48 CEST 2023


Hi,

We ran BGP roles at 1000+ BGP sessions.
About 0.5 - 1% of them are affected by some issue. Probably all of them -
Juniper with the old junos.

Here is the description:
1) Our device (Bird) sent BGP Open to the peers, with
             Capability: BGP Role
                 Type: BGP Role (9)
                 Length: 1
                 Unknown: 01

2) Some "broken?" peers respond with:

Border Gateway Protocol - OPEN Message
     Marker: ffffffffffffffffffffffffffffffff
     Length: 29
     Type: OPEN Message (1)
     Version: 4
     My AS: xxxxx
     Hold Time: 90
     BGP Identifier: 10.5.5.2
     Optional Parameters Length: 0
Border Gateway Protocol - NOTIFICATION Message
     Marker: ffffffffffffffffffffffffffffffff
     Length: 21
     Type: NOTIFICATION Message (3)
     Major error Code: Cease (6)
     Minor error Code (Cease): Connection Rejected (5)

3) After that, Bird generates another packet:
Border Gateway Protocol - NOTIFICATION Message
     Marker: ffffffffffffffffffffffffffffffff
     Length: 21
     Type: NOTIFICATION Message (3)
     Major error Code: OPEN Message Error (2)
     Minor error Code (Open Message): Unknown (11)

About stage 2) - peer (old junos) shouldn't generate such response due to
===
If a BGP speaker receives from its peer a capability that it does not
    itself support or recognize, it MUST ignore that capability.  In
    particular, the Unsupported Capability NOTIFICATION message MUST NOT
    be generated and the BGP session MUST NOT be terminated in response
    to reception of a capability that is not supported by the local
    speaker.
===

At the same time, a question about stage 3) - why does Bird generate such a message?
+ In the logs printed Error: Role mismatch (provider)

Wbr, Mikhail.
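
An added example, not part of the original post and not BIRD's code: a parser for the OPEN exchange dissected above, with the role check from RFC 9234. The byte strings are constructed from the dissected fields (AS 64500 and the local BGP identifier are placeholders), and the `strict` flag models RFC 9234's optional strict mode; whether it was enabled on the sessions in the post is not stated.

```python
import struct

MARKER = b"\xff" * 16
ROLE_CAP = 9                       # BGP Role capability code (RFC 9234)
ROLE_MISMATCH = (2, 11)            # OPEN Message Error / Role Mismatch
# Allowed (local role, remote role) pairs from RFC 9234:
# 0 Provider, 1 RS, 2 RS-Client, 3 Customer, 4 Peer
VALID_PAIRS = {(0, 3), (3, 0), (1, 2), (2, 1), (4, 4)}

def build_open(my_as, hold, bgp_id, role=None):
    """Build an OPEN; with role set, add one Capabilities parameter (type 2)."""
    opt = bytes([2, 3, ROLE_CAP, 1, role]) if role is not None else b""
    body = struct.pack("!BHH4sB", 4, my_as, hold, bytes(bgp_id), len(opt)) + opt
    return MARKER + struct.pack("!HB", 19 + len(body), 1) + body

def open_role(msg):
    """Return the BGP Role value carried in an OPEN, or None if absent."""
    if len(msg) < 29 or msg[:16] != MARKER:
        raise ValueError("too short or bad marker")
    length, mtype = struct.unpack("!HB", msg[16:19])
    if length != len(msg) or mtype != 1:
        raise ValueError("not a well-formed OPEN message")
    params = msg[29:29 + msg[28]]  # msg[28] = Optional Parameters Length
    i = 0
    while i + 2 <= len(params):
        ptype, plen = params[i], params[i + 1]
        caps = params[i + 2:i + 2 + plen]
        i += 2 + plen
        j = 0
        while ptype == 2 and j + 2 <= len(caps):
            code, clen = caps[j], caps[j + 1]
            if code == ROLE_CAP and clen == 1 and j + 2 < len(caps):
                return caps[j + 2]
            j += 2 + clen
    return None

def role_check(local_role, remote_role, strict):
    """Return None to continue, or the (code, subcode) NOTIFICATION to send."""
    if remote_role is None:        # peer sent no BGP Role capability
        return ROLE_MISMATCH if strict else None
    return None if (local_role, remote_role) in VALID_PAIRS else ROLE_MISMATCH

# Constructed samples, not captured traffic.
LOCAL_OPEN = build_open(64500, 90, [10, 5, 5, 1], role=1)  # role byte 01 as in step 1
PEER_OPEN = build_open(64500, 90, [10, 5, 5, 2])           # 29 bytes, no parameters

if __name__ == "__main__":
    remote = open_role(PEER_OPEN)
    print("peer role:", remote)
    print("non-strict:", role_check(1, remote, strict=False))
    print("strict:", role_check(1, remote, strict=True))
```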

