Closed amgadhanafy closed 3 years ago
@kbandla can you please check this one
Looks like i should run the entire bgp pcap corpus from that collection!
@kbandla I think this issue related to Four-Octet Autonomous System (AS) Number Space https://tools.ietf.org/html/rfc6793
Several issues when processing this packet
1- unpacked packet length is wrong(90 instead of 89)
2- announced routes length is wrong (11 instead of 2) routes are resolved as
[RouteIPV4(0.0.0.0/0), RouteIPV4(0.0.0.0/0), RouteIPV4(0.0.0.0/0), RouteIPV4(32.0.0.0/1), RouteIPV4(5.0.0.0/5), RouteIPV4(5.0.0.0/5), RouteIPV4(0.0.0.0/0), RouteIPV4(0.0.0.0/0), RouteIPV4(0.0.0.0/0), RouteIPV4(32.0.0.0/1), RouteIPV4(168.1.5.0/192)]
There are 2 issues
As of rfc7911 Advertisement of Multiple Paths in BGP
Extended NLRI Encodings
In order to carry the Path Identifier in an UPDATE message, the NLRI encoding MUST be extended by prepending the Path Identifier field, which is of four octets.
For example, the NLRI encoding specified in [RFC4271] is extended as the following:
+--------------------------------+ | Path Identifier (4 octets) | +--------------------------------+ | Length (1 octet) | +--------------------------------+ | Prefix (variable) | +--------------------------------+
the current implementation doesn't support the extended path identifier
As of rfc6793 BGP Support for Four-Octet Autonomous System (AS) Number Space ASPath have 2 types Old and new Old is 2 Octet (the current implementation) new is 4 octet
PR will be introduced to fix both issues
I tried to read file https://packetlife.net/media/captures/bgp-add-path.cap
when opened using wireshark it shows the following
but when opened using
dpkt.bgp.BGP(bgp_data)
it gives the following error