Bug 213423 - [PATCH] update tcpdump to decode Large BGP Communities
Summary: [PATCH] update tcpdump to decode Large BGP Communities
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Some People
Assignee: Allan Jude
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2016-10-12 19:43 UTC by Job Snijders
Modified: 2017-02-19 18:22 UTC (History)
1 user (show)

See Also:


Attachments
Patch for contrib/tcpdump/print-bgp.c to decode Large BGP Communities (1.39 KB, patch)
2016-10-12 19:43 UTC, Job Snijders
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Job Snijders 2016-10-12 19:43:10 UTC
Created attachment 175678 [details]
Patch for contrib/tcpdump/print-bgp.c to decode Large BGP Communities

Attached is a patch for tcpdump to decode the Large BGP Community attribute (defined in draft-ietf-idr-large-community). IANA assigned BGP Path Attribute code 30 to LARGE_COMMUNITY.

Similar patches were accepted in tcpdump: https://github.com/the-tcpdump-group/tcpdump/commit/bc700c426251f8d93049d71fd4c007d22b2a2aa0

OpenBSD: http://marc.info/?l=openbsd-tech&m=147629128313963&w=2

FreeBSD is used by some Internet Exchange Points to host their Route Server. An up to date tcpdump will assist this group of people in their daily operations.
Comment 1 Allan Jude freebsd_committer freebsd_triage 2017-01-25 04:27:03 UTC
this followup commit changes the patch:

https://github.com/the-tcpdump-group/tcpdump/commit/e2adb166ecaf59555e18787e86ac8c828efa0acc

I am merging it in as well
Comment 2 Job Snijders 2017-01-25 11:37:51 UTC
(In reply to Allan Jude from comment #1)

Excellent catch! Yes, due to code point squatting (described here: https://tools.ietf.org/html/draft-ietf-idr-deprecate-30-31-129-02 ) Large Communities switched from 30 to 32.
Comment 3 Pedro F. Giffuni freebsd_committer freebsd_triage 2017-01-25 18:56:32 UTC
For the record ... we should "simply" update tcpdump through the vendor area (with some care for capsicum).
Comment 4 Allan Jude freebsd_committer freebsd_triage 2017-01-25 20:25:18 UTC
(In reply to Pedro F. Giffuni from comment #3)
The latest release of tcpdump does not yet include this patch, only tcpdump -head does.

But yes, we are a number of versions of tcpdump behind
Comment 5 Allan Jude freebsd_committer freebsd_triage 2017-02-09 01:47:26 UTC
r313048 updated tcpdump in -CURRENT to 4.9.0, which supports the Large Communities feature.

Because this is a security fix, it is likely to get updated in 11.0 as well.
Comment 6 Allan Jude freebsd_committer freebsd_triage 2017-02-19 18:22:50 UTC
The upgrade was merged into stable/11 on Feb 10.

It will be included in FreeBSD 11.1 and later.