Home page logo
/

nanog logo nanog mailing list archives

Re: IS-IS protocol implementation problem
From: Sean Donelan <sean () donelan com>
Date: 29 Oct 2000 18:49:15 -0800


On Sun, 29 October 2000, smd () clock org wrote:
P.S.: any chance you can be a bit more concrete about what's happening?

When I'm concrete, providers complain I'm picking on them, and getting
them bad press.

But since you asked....

At approximately 7:37am EDT on Friday, about 258 Cisco 12000's on UUNET's
primary backbone reloaded. This appeared to be isolated to routers
in ASN 701. It disrupted reachability to about 15% of the world-wide Internet
based on data from Matrix measurements.  A contributing cause was a bad
IS-IS packet which confused certain IOS versions in the 12.0 IOS software
train. I haven't heard what the root cause was or what originated the
bad IS-IS packet. The Cisco bug id is CSCdr05779. Any provider running the
affected IOS version may be vulnerable depending on what the root cause
turns out to be.

Although the bad IS-IS packet didn't propagate to other providers, several
other providers did report BGP resets and route flaps about the same time.





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault