[ixpmanager] bird 2.0.8 malformed attributes
Nick Hilliard (INEX)
nick at inex.ie
Tue Oct 28 12:16:30 GMT 2025
There's been some reports over the last couple of days about a malformed
BGP update causing route server sessions to be reset on BGP sessions to
BIRD2 route servers.
Fix
If any IXP is running bird 2.0.8 or older, an upgrade to something more
recent would be advisable.
The version of BIRD on Ubuntu 24.04 is not affected by this problem, but
older versions of Ubuntu and Debian can be upgraded to the most recent
build using the instructions here:
https://pkg.labs.nic.cz/doc/?project=bird
Select "bird2", then the version of Ubuntu you're running, and it will
provide the correct entry for your APT file.
Details
A prefix with BGP attribute 35 (Only to Customer (OTC) -
https://www.iana.org/assignments/bgp-parameters#bgp-parameters-2) was
observed on Oct 24 at around 06:00 UTC, and carried by a network with
connections to a large number of IXPs. This update was mishandled by
BIRD which rebuilt the attribute list and forwarded it to bgp peers with
an incorrect path length of 1024. On more recent BGP stacks which
implement RFC7606 error handling, the prefix was handled using
"treat-as-withdraw". However some older stacks reverted the behaviour
described in rfc4271, section 6.3, and reset the session with a
malformed update error notification. I.e. the BGP session dropped.
The problem was fixed in bird shortly after 2.0.8 was released.
There's nothing about this behaviour which is specific to IXP route
servers, however it's more noticeable because a route server typically
has a large number of external BGP sessions.
Nick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.inex.ie/pipermail/ixpmanager/attachments/20251028/e36d9329/attachment.htm>
More information about the ixpmanager
mailing list