Page MenuHomeVyOS Platform
Create Task
Maniphest T6782

BGP Session reset - UPDATE Message Error/Invalid NEXT_HOP Attribute
Open, LowPublicBUG
Actions

Description

Hi Team,

I've strange situation peering with Vultr on one of the nodes, from their side that complaining that this is related to: CVE-2023-38802 but this was fixed on 1.3.3/1.3.4.
The error what I've below is on 1.3.8 and sessio is flapping.

How I can help to resolve thjis issue, or this is more to FRR and should go to them?

ii frr 7.5.1-20240509-02-gc9dd2977e-0 amd64 FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)
ii frr-pythontools 7.5.1-20240509-02-gc9dd2977e-0 all FRRouting suite - Python tools
ii frr-rpki-rtrlib 7.5.1-20240509-02-gc9dd2977e-0 amd64 FRRouting suite - BGP RPKI support (rtrlib)
ii frr-snmp 7.5.1-20240509-02-gc9dd2977e-0 amd64 FRRouting suite - SNMP support

Oct 15 14:41:20 bgpd[876]: [EC 33554503] 2001:19f0:ffff::1 unrecognized capability code: 70 - ignored
Oct 15 14:41:20 bgpd[876]: [EC 33554503] 2001:19f0:ffff::1 unrecognized capability code: 6 - ignored
Oct 15 14:41:20 bgpd[876]: [EC 33554503] 2001:19f0:ffff::1 unrecognized capability code: 71 - ignored
Oct 15 14:41:24 bgpd[876]: [EC 33554436] Malformed AS path from 2001:19f0:ffff::1, length is 24
Oct 15 14:41:24 bgpd[876]: [EC 33554487] 2001:19f0:ffff::1: Attribute AS_PATH, parse error - treating as withdrawal
Oct 15 14:41:24 bgpd[876]: [EC 33554454] 2001:19f0:ffff::1 rcvd UPDATE with errors in attr(s)!! Withdrawing route.
Oct 15 14:41:24 bgpd[876]: [EC 33554438] Martian nexthop 0.0.0.0
Oct 15 14:41:24 bgpd[876]: [EC 33554454] bgp_process_packet: BGP UPDATE receipt failed for peer: 2001:19f0:ffff::1
Oct 15 14:41:26 bgpd[876]: [EC 33554503] 2001:19f0:ffff::1 unrecognized capability code: 70 - ignored
Oct 15 14:41:26 bgpd[876]: [EC 33554503] 2001:19f0:ffff::1 unrecognized capability code: 6 - ignored
Oct 15 14:41:26 bgpd[876]: [EC 33554503] 2001:19f0:ffff::1 unrecognized capability code: 71 - ignored
Oct 15 14:41:29 bgpd[876]: [EC 33554436] Malformed AS path from 2001:19f0:ffff::1, length is 24
Oct 15 14:41:29 bgpd[876]: [EC 33554487] 2001:19f0:ffff::1: Attribute AS_PATH, parse error - treating as withdrawal
Oct 15 14:41:29 bgpd[876]: [EC 33554454] 2001:19f0:ffff::1 rcvd UPDATE with errors in attr(s)!! Withdrawing route.
Oct 15 14:41:29 bgpd[876]: [EC 33554438] Martian nexthop 0.0.0.0
Oct 15 14:41:29 bgpd[876]: [EC 33554454] bgp_process_packet: BGP UPDATE receipt failed for peer: 2001:19f0:ffff::1

Last reset 00:00:05,   Notification sent (UPDATE Message Error/Invalid NEXT_HOP Attribute)
Message received that caused BGP to send a NOTIFICATION:
  FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
  008A0200 00007390 0E001A00 02011020
  0119F0FF FF000000 00000000 00000100
  1D2A0ABC C0400101 00500200 18020500
  00FC0300 004FF900 000A2B00 00067500
  00A02901 00C00708 0000A029 C10B5801
  C0080C4F F900C84F F90A2BFC 03002CC0
  20180000 4FF90000 00C80000 0A2B0000
  4FF90000 00C80000 220A

Thanks,

Details

Difficulty level
Unknown (require assessment)
Version
1.3.8
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

drixter created this task.Tue, Oct 15, 2:48 PM
drixter added a comment.Tue, Oct 15, 4:18 PM

Hi

I've checked on 1.4.0 and BGP session is stable

ii frr 9.1-172-g923799172 amd64 FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)
ii frr-pythontools 9.1-172-g923799172 all FRRouting suite - Python tools
ii frr-rpki-rtrlib 9.1-172-g923799172 amd64 FRRouting suite - BGP RPKI support (rtrlib)
ii frr-snmp 9.1-172-g923799172 amd64 FRRouting suite - SNMP support

vyosbot added a project: Restricted Project.Wed, Oct 16, 6:08 AM
pasik subscribed.Wed, Oct 16, 11:55 AM
syncer triaged this task as Low priority.Sat, Oct 19, 5:51 PM