nanog mailing list archives

Re: control characters in BGP shutdown communication(RFC 9003) messages and NETCONF


From: Martin Tonusoo via NANOG <nanog () lists nanog org>
Date: Sun, 7 Sep 2025 19:55:02 +0300

Hi Job,

Older versions of Junos incorrectly interpret the first byte of the
Shutdown Communication as a character in the message, instead of as the
length field.

Thanks, I can confirm this. I sent a valid cease NOTIFICATION message:

Border Gateway Protocol - NOTIFICATION Message
    Marker: ffffffffffffffffffffffffffffffff
    Length: 33
    Type: NOTIFICATION Message (3)
    Major error Code: Cease (6)
    Minor error Code (Cease): Administratively Shutdown (2)
    BGP Shutdown Communication Length: 11
    Shutdown Communication: maintenance

ff ff ff ff ff ff ff ff ff ff ff ff ff ff   ..............
ff ff 00 21 03 06 02 0b 6d 61 69 6e 74 65 6e 61   ...!....maintena
6e 63 65                                          nce

.. to a lab router running the same Junos version 21.4R3-S3.4 as our
production edge routers and Junos indeed interpreted the 0x0b seen
in the hex dump above as the first character of the message, rather than
the length of the Shutdown Communication field.


However, I also noticed that one can deliberately/accidentally inject
control characters into the Shutdown Communication field and Junos would
return those control characters in its NETCONF response. For example,
let's say that I send the following valid cease NOTIFICATION message to
a Juniper router running Junos version 25.2R1.9:

Border Gateway Protocol - NOTIFICATION Message
    Marker: ffffffffffffffffffffffffffffffff
    Length: 34
    Type: NOTIFICATION Message (3)
    Major error Code: Cease (6)
    Minor error Code (Cease): Administratively Shutdown (2)
    BGP Shutdown Communication Length: 12
    Shutdown Communication: \vmaintenance

ff ff ff ff ff ff ff ff ff ff ff ff ff ff   ..............
ff ff 00 22 03 06 02 0c 0b 6d 61 69 6e 74 65 6e   ...".....mainten
61 6e 63 65                                       ance


As seen above, the 0x0c is the length of the Shutdown Communication
field in octets and the "0b 6d 61 69 6e 74 65 6e 61 6e 63 65" is the
message. Calling the "get-bgp-neighbor-information" or
"get-bgp-summary-information" RPC on that router would include the
character 0x0b, which is invalid in XML 1.0.


Martin
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/4IZXEOZCIBOFZ3CQLWKHGY7BVR5XH63Y/
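
The following Python sketch is an added example, not part of the original message and not Junos code. It parses the two NOTIFICATION messages shown above with the first data octet treated as the RFC 9003 length field, then lists the characters a consumer must neutralise before placing the peer-supplied text in an XML 1.0 document. The function names, the strict length check and the `\uXXXX` replacement form are assumptions of this example.

```python
import re
import struct
from xml.sax.saxutils import escape

# XML 1.0 Char: #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]
_NOT_XML10 = re.compile("[^\x09\x0a\x0d\x20-\ud7ff\ue000-\ufffd\U00010000-\U0010ffff]")

def parse_shutdown_communication(msg: bytes) -> str:
    """Extract the RFC 9003 Shutdown Communication from a Cease NOTIFICATION."""
    if len(msg) < 21 or msg[:16] != b"\xff" * 16:
        raise ValueError("not a BGP message")
    length, msg_type, code, subcode = struct.unpack("!HBBB", msg[16:21])
    if msg_type != 3 or length != len(msg):
        raise ValueError("not a complete NOTIFICATION message")
    if code != 6 or subcode not in (2, 4):  # Cease: Administrative Shutdown / Reset
        raise ValueError("no Shutdown Communication defined for this subcode")
    data = msg[21:]
    if not data:
        return ""  # the communication is optional
    # The first data octet is the length field, never part of the text.
    # Rejecting any mismatch is this example's choice of strictness.
    if data[0] != len(data) - 1:
        raise ValueError("invalid Shutdown Communication length")
    return data[1:].decode("utf-8")  # strict decode; bad UTF-8 raises ValueError

def xml10_invalid_chars(text: str) -> list:
    """Characters in text that may not appear in an XML 1.0 document."""
    return sorted(set(_NOT_XML10.findall(text)))

def to_xml_text(text: str) -> str:
    """Make peer-supplied text safe to use as XML 1.0 element content."""
    visible = _NOT_XML10.sub(lambda m: "\\u{:04x}".format(ord(m.group())), text)
    return escape(visible)  # then escape &, < and >

# Constructed from the two hex dumps in the message above.
HDR = b"\xff" * 16
MSG_PLAIN = HDR + bytes.fromhex("00210306020b") + b"maintenance"
MSG_VT = HDR + bytes.fromhex("00220306020c0b") + b"maintenance"

if __name__ == "__main__":
    for raw in (MSG_PLAIN, MSG_VT):
        text = parse_shutdown_communication(raw)
        print(repr(text), xml10_invalid_chars(text), to_xml_text(text))
```
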

