S-284: Border Gateway Protocol Vulnerabilities

6 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Inconsistency between RedHat 6.5 global gateway and single gateway leads to loss of default gateway

Dear friends I use RedHat 6.5, which sets the gateway in the configuration file / etc / sysconfig / network as GATEWAY = 192.168.1.26, and the gateway in the configuration file / etc / sysconfig / network-scripts / ifcfg-eth11 as GATEWAY = 192.168.1.256. The two gateways are different....

2. IP Networking

Regarding Protocol certiifcation

Hello Forum Members, I am siva ranganath from Hyderabad-India. I have an work experince of 4.5 years as application developer and support member in open source systems.i am good basic network programing ie applications developing in TCP/IP and i have an experince of 1 year in this N/W...

3. Linux

GNUGK-How to setup static gateway to gateway routing

Dear Sir I am a newbie in the world of IP telephony. I have been working with Asterisk PBX (SIP) and Cisco Call Manager (MGCP) but now I am learning on how to work GNUGK for H.323 Gatekeeper. I am having a problem, configuring static call routing on GNUGK in the section ...

4. Infrastructure Monitoring

SNMP protocol

dear friends , how can I use the SNMP protocol to monitor the network and send notification alerts to the clients which have windows machines. I found the utility snmp_trapsend at the directory /usr/sbin ,how can I use this command ?? my server is SUN SOLARIS. please help !!!:confused:

5. IP Networking

protocol

iam doing a research on WAN so pliz any body can give me or tell me where i would find communication protocol map..thats all 7 layers..OIS MODEL

6. IP Networking

Protocol Numbers

I'm planning on putting together a chart of basic information (port number, protocol number, transport layer protocol, etc) on different protocols (FTP, ICMP, DNS, IP, etc) I found: http://www.phys-iasi.ro/Library/RFCs/rfc1700.htm and that tells me a little bit of information but I'm looking...

LEARN ABOUT HPUX

ram_monitor

ram_monitor(1M) 														   ram_monitor(1M)

NAME

       ram_monitor - the Route Administration Manager (RAM) monitor

SYNOPSIS

       [IP_address] CLI_Port_Number

DESCRIPTION

       is  an  interactive  command  line utility used to query routing protocol daemons ripngd(1M), bgpd(1M), and isisd(1M).  can be used to view
       detailed information on the IO statistics, the error logs, the routing table, the configured protocol interfaces, and the configured filter
       policies.

       establishes  a  TCP  connection to the routing daemon through the IP address specified at startup.  If an IP address is not specified, con-
       nects to the routing protocol daemon running on the local machine.

   Commands
       In the interactive mode, displays one of the following prompt:

       When connected to the local machine.

       When connected to the IP address specified.
		   The can be or

		   Any of the interactive commands can be run at this prompt.  The interactive commands can be interrupted at any time via a  key-
		   board interrupt.

   General Commands
       Displays all local commands and their functions.

       Displays the list of commands available in the
	      current  mode, if command is not specified.  If the command name is specified, the help topic corresponding to the specified command
	      is displayed.

       Displays the history of commands executed in the
	      interactive session.

       Executes the previous command.

       Executes the command specified by command number,
	      command_num, in the history of commands.

       Redirects the command output to the specified file.

       Exits

   RIPng-Specific Commands
       The following are valid RIPng-specific command:

       Displays the filters configured for RIPng.

       All the gateway filters are displayed.

       All the route filters are displayed.

	      By default, both gateway and route filters are displayed.

       Displays the RIPng routing table.

       Requests the routing table of the gateway using RIPng's protocol
	      request.

	      destination specifies the gateway address to which the request has to be sent.

	      The option specifies the wait time in seconds for the responses.	The default value is 5 seconds if is not specified.

       Toggles the tracing of the protocol daemon.

       Displays the RIPng protocol statistics.

       Displays the RIPng Error counters.

       Displays the RIPng interface configuration.

       Displays configured profiles of RIPng.

   BGP-Specific Commands
       The following are valid BGP-specific commands:

       Displays the list of BGP route filters.

       Displays the BGP routing table.

       Toggles the tracing of the protocol daemon.

       Displays the BGP protocol statistics.

       Displays the list of notification sent to peers.

       Displays the list of BGP peers.

       Displays the list of BGP FSM transition events for all peers.

   IS-IS-Specific Commands
       The following are IS-IS-specific commands:

       Displays the adjacency information.

       Displays the information on
	      interfaces.

       Displays the LSP database for L1, L2,
	      and L1/L2.

       Displays
	      statistics.

       Displays the list of
	      cumulative event log.

       Displays the list of cumulative errors.

       Displays the next hop list derived from the
	      SPF calculation.

       Toggles the trace.

       Displays the list of
	      configured summary filters.

EXAMPLES

   RIPng Examples
       To invoke and connect to type the following at the HP-UX command prompt:

       Following is sample output of the commands:

       ripng> show interface

       If : lan0
	       Status		   :  UP, ENABLED
	       Profile		   :  0
	       Cost		   :  1
	       Mtu		   :  1500
	       Primary Address	   :  fe80::230:6eff:fe2c:b619
	       Site Local Access   :  allow
	       Route Filter Access :  deny

       ripng> show route

       5511::230:6eff:fe2c:b619/64   5511::230:6eff:fe2c:b619  1 local lan0
       5555::230:6eff:fe2c:b619/64   5555::230:6eff:fe2c:b619  1 local lan0
       6666::230:6eff:fe2c:b619/64   6666::230:6eff:fe2c:b619  1 local lan0

       ripng> show profile

       Profile id -  0
	       Horizon (2 - split/ 3 - poison reverse)	   :  3
	       Route Age (in sec)			   :  180
	       Periodic Update Timer Interval (in sec)	   :  30
	       Triggered Update Timer Interval (in sec)    :  5
	       Garbage Collection Timer Interval (in sec)  :  120

       Profile id -  1
	       Horizon (2 - split/ 3 - poison reverse)	   :  3
	       Route Age (in sec)			   :  180
	       Periodic Update Timer Interval (in sec)	   :  50
	       Triggered Update Timer Interval (in sec)    :  5
	       Garbage Collection Timer Interval (in sec)  :  120

       ripng> show log

       If : lan0
	       In Messages		:  2
	       Out Messages		:  6
	       Discarded Messages	:  2
	       RIPng In Requests	:  0
	       RIPng In Responses	:  2
	       RIPng Out Requests	:  0
	       RIPng Out Responses	:  6
	       Unknown Commands 	:  0
	       Invalid Version		:  0
	       Total Trig Upd sent	:  4

       ripng> show error

       If : lan0
	       Discarded Messages	:  10
	       Unknown Commands 	:  0
	       Invalid Version		:  0
	       Martian Discards 	:  0
	       Ripin Discards		:  0
	       Ripout Discards		:  0
	       Route Filter Discards	:  0
	       Trusted Gateway Discards :  0
	       Import Discards		:  0

   BGP Examples
       To invoke and connect to type the following at the HP-UX command prompt:

       Following is sample output of the commands:

       bgp> show

       Command making ambiguity
       Available commands :
       [Syntax]    : show peers
       [Syntax]    : show eventlog
       [Syntax]    : show filter
       [Syntax]    : show route
       [Syntax]    : show log
       [Syntax]    : show error

       bgp> show peers

       No.of peers configured:2

       =====================================

	 BGP neighbor is 4222::1112, remote AS 700, internal link
	 BGP version 4, remote router ID 10.4.7.192
	 BGP state = Established, up for 51 seconds
	 Rcvd update before 51 secs, hold time is 120 secs,
	     keepalive interval is 40 secs
	 Received 19 messages, 14 Updates
	 Sent 13 messages, 8 Updates
	 Minimum time between advertisement runs is 15 seconds
	 Peer Preference: 0
	 Peer Related to NONE Group
	 Peer Capability type MP for IPV6
	 Peer Connection type: ACTIVE
	 Peer Authentication type: MD5
	 Local host: 4222::1111, Local port: 179
	 Foreign host: 4222::1112, Foreign port: 64180
	 No Peer Gateway
	 BGP neighbor is 6222::1111, remote AS 800, external link
	 BGP version 0, remote router ID 0.0.0.0
	 BGP state = Idle
	 Rcvd update before 0 secs, hold time is 180 secs,
	     keepalive interval is 60 secs
	 Received 0 messages, 0 Updates
	 Sent 0 messages, 0 Updates
	 Minimum time between advertisement runs is 15 seconds
	 Peer Preference: 0
	 Peer Related to NONE Group
	 Peer Capability type NONE for NONE
	 Peer Connection type: ACTIVE
	 Peer Authentication type: MD5
	 Local host: 6222::1112, Local port: 0
	 Foreign host: 6222::1111, Foreign port: 0
	 No Peer Gateway

       bgp> show route

       IPV6 BGP ROUTE TABLE
       No.of Routes configured:25

       ORIGIN: I-IGP, E-EGP, ?-INCOMPLETE
       =====================================================================
       Dest/PrefixLength       Nexthop	      Metric Protocol  LP  Origin

       =====================================================================
       ::/96   4222::1112      0       bgp     300     I

       1666::/64       4222::1112      0      bgp     300     I

       2111::/24       4222::1112      0      bgp     300     I

       2222::/64       2222::2 0       local  300     I

       3111::/24       4222::1112      0      bgp     300     I

       4222::/64       4222::1111      0      local   300     I

       4333::/64       4333::230:6eff:fe2c:b619        0      local 300  I

       5511::/64       5511::1112      0      local   300     I

       5555::/64       5555::230:6eff:fe2c:b619       0       local 300  I

       5599::/64       5599::230:6eff:fe2c:b619       0       local 300  I

       6666::/64       6666::230:6eff:fe2c:b619       0       local 300  I

       bgp> show filter

       BGP FILTER INFORMATION
       No.of Filters Configured:2
       =================================================================
       FilterName   ASNO     RP 	     ASP	  DIR	  ACTION

       =================================================================
       filter1	    100      3333::2222      12,3,4	  OUT	  DENY

       filter1	    100      3333::2222      12,3,4	  OUT	  DENY

       bgp> show eventlog

       BGP PEER EVENT LOG INFORMATION
       BGP neighbor is 4222::1112, remote AS 700, internal link
	 BGP peer state = Established, up for 51 seconds
	 No.of FSM Transitions = 1
	 FSM Transition History = idle,connect,connect,opensent,active,
				  opensent,openconfirm,established

       BGP PEER EVENT LOG INFORMATION
       BGP neighbor is 6222::1111, remote AS 800, external link
	 BGP peer state = Idle
	 No.of FSM Transitions = 0
	 FSM Transition History =

       bgp> show error

       BGP PEER ERROR INFORMATION
       BGP neighbor is 4222::1112, remote AS 700, internal link
       Last Error Received NONE
       Last Error Subcode Received NONE
       Last Error Sent NONE
       Last Error Subcode Sent NONE

       BGP PEER ERROR INFORMATION
       BGP neighbor is 6222::1111, remote AS 800, external link
       Last Error Received NONE
       Last Error Subcode Received NONE
       Last Error Sent NONE
       Last Error Subcode Sent NONE

       bgp> show log

       BGP PEER LOG INFORMATION
       BGP neighbor is 4222::1112, remote AS 700, internal link
	 Received 20 messages, 14 Updates
	 Sent 14 messages, 8 Updates

       BGP PEER LOG INFORMATION
       BGP neighbor is 6222::1111, remote AS 800, external link
	 Received 0 messages, 0 Updates
	 Sent 0 messages, 0 Updates

   IS-IS Example
       To invoke and connect to type the following at the HP-UX command prompt:

       Following is sample output of the commands:

       isis> show adj

       IS-IS Adjacency Table:
       Sysid	      Ckt Stte Nbr Usg	Hold  Pri SNPA	       IPAddr
       00000000000101 2   UP   l2  l2	12336 32  112233445566 ::

       IS-IS Adjacency Count Table:
       Ckt			Ckt Idx  Adj Count
       lan1			2	 1

       isis> show eventlog

       EVENTS LOGGED
       ----------------------------------------------------
       ISIS_EVT_DIS_CHANGE	  : EventID:55;CktLvl:2;CktIdx:2;PrevDIS:
       0a.0b.01.02.03.04.02;CurrDIS:00.00.00.00.00.01.01

       ISIS_EVT_ADJ_CHANGE	  : EventID:52;Status:0;AdjType:2;AdjIdx:
       1;AdjUsage:2;CktIdx:2;MetType:0;Met:10;AdjSysID:00.00.00.00.00.01

       ISIS_EVT_IP_IF_ADDR_CHANGE : EventID:42;Status:0;IfIdx:2;
       IPAddr31.11.00.00.00.00.00.00.00.00.00.00.00.00.11.11

       ISIS_EVT_IP_IF_ADDR_CHANGE : EventID:42;Status:0;IfIdx:2;
       IPAddrfe.c0.00.00.00.00.00.00.00.00.00.00.00.00.11.11

       ISIS_EVT_IP_IF_ADDR_CHANGE : EventID:42;Status:0;IfIdx:2;
       IPAddr21.11.00.00.00.00.00.00.00.00.00.00.00.00.11.11

       ISIS_EVT_IP_IF_ADDR_CHANGE : EventID:42;Status:0;IfIdx:2;
       IPAddrfe.80.00.00.00.00.00.00.02.30.6e.ff.fe.38.0d.b8

       ISIS_EVT_CKT_CHANGE	  : EventID:51;Status:1;CktType:1;CktLvl:2;
       MetType:0;Met:0;CktIdx:2

       ISIS_EVT_IS_UP		  : EventID:35;SysID:0a.0b.01.02.03.04

       isis> show error

       SYSTEM Level Errors
       No. of PDUs dropped			  : 0
       No. of corrupted LSPs			  : 0
       No. of times L1 LSPs database overloaded   : 0
       No. of times L2 LSPs database overloaded   : 0
       No. of times manual addr dropped from area : 0
       No. of times IS has attempted to exceed MSN: 0
       No. of times sequence no (SN) skip occurred: 0
       No. of times zero-aged copy of the systems
	own LSP is received from other IS	  : 0
       No. of Sys Id len mismatch		  : 0
       No. of Max area addresses mismatched	  : 0
       No. of times PDU authentication failed	  : 0
       No. of partition changes occurred	  : 0
       No. of Area mismatches			  : 0

       Errors stats Ckt 			  : lan1 [2]
       No. of Init failures in this ckt 	  : 0
       No. of Times Adjacency rejected		  : 0
       No. of ctrl PDUs Id len mismatch 	  : 0

       isis> show lsp 2

       IS-IS Level 2 LSP Database:
       LSPID			SeqNo	     RLT      PduLen   ChkSum	P/ATT/OL
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       0a0b01020304.00-00	0x00000001   1200     0x0039   0xb410	0/0/0
	 origLSPBufferSize  : 0X05D4
	 Protocol Supported : IPv6
	 Area Address	    : 49:00:01
	 Authentication Info: passwd=DomainPassword
       0a0b01020304.00-01	0x00000001   1200     0x0077   0x6f10	0/0/0
	 IS Adjacency	    : 0a:0b:01:02:03:04:02, Metrics: Def 10
	 IPv6 IF Address    : 2111::1111
	 IPv6 IF Address    : 3111::1111
	 IPv6 IF Address    : fec0::1111
	 IPv6 Reachability  : 7711::/24, metric 14, up
	 Authentication Info: passwd=DomainPassword
       0a0b01020304.02-00	0x00000002   1200     0x002f   0x46b7	0/0/0
	 Protocol Supported : IPv6
	 Authentication Info: passwd=DomainPassword
       0a0b01020304.02-01	0x00000002   1200     0x0045   0x1bb9	0/0/0
	 IS Adjacency	    : 0a:0b:01:02:03:04:00, Metrics: Def 0
	 IS Adjacency	    : 00:00:00:00:00:01:00, Metrics: Def 0
	 Authentication Info: passwd=DomainPassword

       isis> show interface

       ISIS Circuit Table:
       Name	 IfId Lvl Address		     Type  Flag Mtu   SNPA
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       lan1	 2    1-2 fe80::230:6eff:fe2d:ec50   BC    US	1500  00306e2dec50

       ISIS Circuit Level Table:
       Name	Lvl PSNP  CSNP	ReTx   HeInt  DRHeI HeMul Met	Pri DIS-ID
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       lan1	1   2	  10	30     3000   1     10	  127	255 0a0b0102030402
       lan1	2   2	  10	30     3000   1     10	  127	255 0a0b0102030402

       isis> show route

       IS-IS Level 1 Routing Table:
       Dest			    GW			  Met  Prf Flag IfId
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       5555::1111/64		    ::			  8    0   D IS -1
       7733::/64		    fe80::fe13		  16   0   D IS 2

       Number of routes in Level1 : 2

       IS-IS Summary Address Table:
       SumAddr					    Metric   Filter
       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
       5555::1111/24				    10	     Deny

       isis> show log

       Input/Output stats on Ckt			:lan1 [2]
       ISIS LEVEL-1 packets stats
       Hello PDUs
       Rx      : 0     Tx      : 0
       Link State PDUs
       Rx      : 0     Tx      : 0
       CSN PDUs
       Rx      : 0     Tx      : 0
       PSN PDUs
       Rx      : 0     Tx      : 0
       ISIS LEVEL-2 packets stats
       Hello PDUs
       Rx      : 1     Tx      : 13
       Link State PDUs
       Rx      : 0     Tx      : 2
       CSN PDUs
       Rx      : 0     Tx      : 0
       PSN PDUs
       Rx      : 0     Tx      : 0
       Interface stats on Ckt				: lan1 [2]
       No. of adjacencies state changes 		: 1
       No. of Init failures in this ckt 		: 0
       No. of ISHs sent to peer nodes			: 0
       No. of ISHs recvd to peer nodes			: 0
       No. of Times Adjacency rejected			: 0
       No. of ISIS PDUs sent on this ckt		: 2
       No. of ISIS PDUs recvd on this ckt		: 0
       No. of ctrl PDUs Id len mismatch 		: 0

AUTHOR

       was developed by Future Software Ltd.

SEE ALSO

       bgpd(1M), isisd(1M), ramd(1M), ripngd(1M), rdc(1M), ramd.conf(4).

																   ram_monitor(1M)

Security Advisories (RSS)