Re: FW: BGP Instabilities and Worm Propagation? [7:20687]

Fri, 21 Sep 2001 10:19:01 -0700 

Very interesting. They say that neither the Baltimore train wreck nor the 
WTC attacks destabilized the global Internet (HAH! ;-) But there does seem 
to be a high correlation between Code Red and Internet instability, as well 
as between Nimbda and Internet instability.

They don't go so far as to say there is a cause and effect. One does wonder 
why a high rate of traffic (due to the worms) would cause problems for BGP. 
I guess BGP sessions could time out if the congestion got too bad, but that 
would point to a rather fundamental flaw with BGP implementations if that 
were the case?

Near the end they say another hypothesis is that congestion due to worm 
traffic at the Internet's edge causes many network operators from 
corporations and small ISPs to reboot or reconfigure their border routers 
(an "epidemic of sysadmin panic".) So, stay calm folks. ;-)

Thanks for sharing the info. We should all stay posted for more news on 
this front.

Priscilla


At 10:52 AM 9/21/01, Andras Bellak wrote:
>Once again in the spirit of Chuck, this post from NANOG has a link to an
>article on BGP instabilities that may be related to Internet worm
>attacks.
>
>Andras Bellak
>Director, WAN Engineering
>[EMAIL PROTECTED]
>
>
>-----Original Message-----
>From: Tim Griffin [mailto:[EMAIL PROTECTED]]
>Sent: Friday, September 21, 2001 6:42 AM
>To: [EMAIL PROTECTED]
>Subject: BGP Instabilities and Worm Propagation?
>
>
>
>
>See http://www.renesys.com/projects/bgp_instability
>for data showing that there may be a correlation
>between worm propagation and BGP routing instabilities.
>
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>Timothy G. Griffin
>AT&T Labs Research
>973 360 7238
>http://www.research.att.com/~griffin
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
________________________

Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20708&t=20687
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to