Friday, 22 July 2016

Cisco BGP CDETS BUG

CSCuj18151 -- To be done

Title:

SRP Switchover Due to BGP Failure

Summary:

The BGP peer to the asr5k i.e CRS is sending a BGP update announcing a bhp vpnv4 prefix with a RD value that is invalid and hence the issue"

CRS is generating the malformed bgp update packet and thats causing ASR5k to reset the bgp connection"

Sample ASR5K messages:
EHAout-MPLS09   13
2013-Jul-02+09:58:42.508 [bgp 85000 error] [16/0/11615 <bgp:13> bgp_decode.c:5696] [software internal system] 69.82.10.67-Outgoing [DECODE] NLRI: VPN-IPv4, Invalid RD Type(6560)
2013-Jul-02+09:58:42.508 [bgp 85000 error] [16/0/11615 <bgp:13> bgp_decode.c:589] [software internal system] 69.82.10.67-Outgoing [DECODE] Update: Bad Withdrawn-Routes-Len (55949) + 4 > msg_size (528)
2013-Jul-02+09:58:42.508 [snmp 22002 info] [16/0/11615 <bgp:13> trap_api.c:10512] [software internal system syslog] Internal trap notification 119 (BGPPeerSessionDown) vpn EHAout-MPLS09 ipaddr 69.82.10.67
EHAout-MPLS11   15
2013-Jul-02+09:58:42.508 [bgp 85000 error] [16/0/11847 <bgp:15> bgp_decode.c:5696] [software internal system] 69.82.10.83-Outgoing [DECODE] NLRI: VPN-IPv4, Invalid RD Type(6560)
2013-Jul-02+09:58:42.508 [bgp 85000 error] [16/0/11847 <bgp:15> bgp_decode.c:589] [software internal system] 69.82.10.83-Outgoing [DECODE] Update: Bad Withdrawn-Routes-Len (55949) + 4 > msg_size (528)
2013-Jul-02+09:58:42.508 [snmp 22002 info] [16/0/11847 <bgp:15> trap_api.c:10512] [software internal system syslog] Internal trap notification 119 (BGPPeerSessionDown) vpn EHAout-MPLS11 ipaddr 69.82.10.83



Opening for tracking purposes per Vijay

Analysis:

RFC 4364 --according to this implementation, we have to accept the RD other than 0, 1 and 2. 
16. IANA Considerations


The Internet Assigned Numbers Authority (IANA) has created a new
registry for the "Route Distinguisher Type Field" (see Section 4.2).
This is a two-byte field. Types 0, 1, and 2 are defined by this
document. Additional Route Distinguisher Type Field values with a
high-order bit of 0 may be allocated by IANA on a "First Come, First
Served" basis [IANA]. Values with a high-order bit of 1 may be
allocated by IANA based on "IETF consensus" [IANA].

with out the fix:
BGP RFC 4271 
BGP Error Handling.

This section describes actions to be taken when errors are detected
while processing BGP messages.

When any of the conditions described here are detected, a
NOTIFICATION message, with the indicated Error Code, Error Subcode,
and Data fields, is sent, and the BGP connection is closed (unless it
is explicitly stated that no NOTIFICATION message is to be sent and
the BGP connection is not to be closed). If no Error Subcode is
specified, then a zero MUST be used.


6.3. UPDATE Message Error Handling

All errors detected while processing the UPDATE message MUST be
indicated by sending the NOTIFICATION message with the Error Code
UPDATE Message Error. The error subcode elaborates on the specific
nature of the error.

The NLRI field in the UPDATE message is checked for syntactic
validity. If the field is syntactically incorrect, then the Error
Subcode MUST be set to Invalid Network Field.
If a prefix in the NLRI field is semantically incorrect (e.g., an
unexpected multicast IP address), an error SHOULD be logged locally,
and the prefix SHOULD be ignored.

it was syntactic incorrectness, so we close the connections

R-Comments:

rolled up to v150.main branch.
ChangeSet@1.704.1.1, 2013-07-16 11:53:59-04:00, vkatamre@bxb-mitg-dev03.cisco.com
bgp_route.c, bgp_decode.c:
CSCuh88210 SRP Switchover Due to BGP Failure
when invalid rd type is received, dont treat it has an error and close connection, rather ignore that prefix and continue with the 
rest of the packet.

No comments:

Post a Comment