Cisco bug behind small scale Internet outage
Duke, RIPE NCC BGP experiment triggers IOS XR vulnerability
By Jim Duffy on Tue, 08/31/10 - 5:01pm.Cisco says it has patched a bug in its routers that was behind the outage affecting 1% of the Internet last week. As colleague Robert McMillan of the IDG News Service reported, an experiment run by Duke University and a European group responsible for managing Internet resources disrupted a small percentage of Internet traffic.
The disruption was traced to a vulnerability in Cisco's IOS XR operating system, which runs on its CRS-1 and XR 12000 series routers. IOS XR routers took the experimental data, corrupted it, and then passed that corrupted information on to other routers, McMillan reports. Many of the routers that received this information closed connections with the Cisco routers that sent the buggy data, causing part of the Internet to become inaccessible.
The experiment conducted by Duke and Reseaux IP Europeens Network Coordination Centre (RIPE NCC) announced BGP routes that were configured differently from normal because they used an experimental data format. The anomaly triggered the IOS XR bug, which disrupted access to networks in 60 countries for less than a half hour.
Duke claimed that the experimental data was "100% standard compliant," according to McMillan's report. RIPE NCC said the experiment was intended "to further global understanding of specific aspects of Internet routing behaviour."
Mission accomplished! The experiment and the bug affected 3,500 IP address prefixes, McMillan reports.
Cisco issued a security advisory on the IOS XR vulnerability hours after the event. RIPE NCC said it will give network operators a heads-up before fiddling with BGP again. Duke would not discuss details about the experiment.
More from Cisco Subnet:
All of today's Cisco news and blogs
Cisco wants to be the standard
Wendell Odom: Tons of Answers at Networkers
Forget Apple. RIM should fear Cisco's Cius
Why You Can No Longer Afford to Consider Presence an Optional Component
The Next Generation of Routing Architecture
Hands on with the Android tablet "Cius" that Cisco announced at Cisco Live
High Availability, Headless Communists, and Other Random Thoughts from Networkers
Lieberman Cybersecurity Bill Could Change IT Procurement
Like RSS readers? Subscribe to the Cisco Subnet RSS feed
Follow all Cisco Subnet bloggers on Twitter.
Follow Jim Duffy on Twitter
- About The Cisco Connection
The Cisco Subnet blog is written by Network World managing editor Jim Duffy Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
Follow Jim Duffy on Twitter
Most Discussed Posts
-
Network World, Inc
The Connected Enterprise