Knowledge Search


BGP Session Teardown due to AS_CONFED_SEQUENCE in AS4_PATH

  [JSA10395] Show Article Properties

Legacy Advisory Id:
Product Affected:
JUNOS 9.1 and above (released before 20090126), as mentioned in the PSN subsequently.
When sending a BGP UPDATE message, JUNOS may include the following segment types in the AS4_path attribute:


This inclusion is in violation of RFC 4893.

When the BGP UPDATE message is received by a BGP peer that is capable of processing the AS4_PATH attribute, the receiving peer determines that the AS4_PATH attribute is malformed and clears the BGP session (as is required by Section 6 of RFC 4271). Clearing the BGP session may cause service disruption. This problem is amplified by the transitive, optional nature of the AS4_PATH attribute. When a BGP speaker that cannot process the AS4_PATH attribute receives an UPDATE message containing a malformed AS4_PATH attribute, it may relay that malformed attribute to its BGP peers, causing those BGP sessions to reset.

This issue was mentioned on the NANOG mailing list ( and at the NANOG 45 Conference (

Juniper has validated the work done by Andy Davidson, NetSumo (, Jonathan Oddy, Hostway UK (, and Rob Shakir, GX Networks (

A fix has been completed and is currently being applied to all images which has yet to reach End of Engineering (EOE). Consequently, fixes will be available in the next scheduled releases of JUNOS (please check with your local Juniper technical representative).

The PR for this issue is 417046.

This only impact JUNOS from 9.1R1 forward. 4-byte ASNs were introduced in JUNOS in 9.1R1 (released before 20090126).
When available, upgrade JUNOS to insure that the combination of BGP confederation and 4Byte ASNs are not sent. In the mean time use of 4Byte ASNs and BGP Confederations are strongly discouraged.
Related Links:
Risk Level:
Risk Assessment:
Can generate BGP malformed attributes which can cause BGP sessions in RFC compliant routers to drop.