[ale] hacker or bad karma

[Stuffed Crust]

On Thu, Aug 24, 2000 at 10:26:55PM -0400, Carl Forsell wrote:
> the route hit BellSouth (henceforth referred to as BS), come to us on one
> T1, hit the router and go back to BS on the second T1, us,them,us,them
> untill it died.  Outages last minutes to hours.  During an outage, the lines

Sounds like a classic counting-to-infinity distance-vector routing
problem.

> BS says it is our cisco 3640 that is causing the problem... I don't think
> so.  We had a consultant snapshot all config files about 2 months ago, then
> redo it a few days ago.  The files had not changed.

Now this sounds stupid, but what's the router plugged into?  This behaivor
is consistent with a link on your side going down.

Now you shouldn't be bouncing back and forth -- that _is_ definately a
router configuration problem (you should never get a loop like that).

Actually, it's possible that it is partially BS's problem -- they
shouldn't be broadcasting the route to you back to you.
 
> My question... Is it possible that a former employee (several left with a
> grudge) could in some way screwup the DNS on our router in a way that would
> not show in the config files?  Are there any Linux eastereggs or bombs that
> could flood the routers tables with bogus data?  Any ideas???

Has nothing to do with DNS.  Oh, make sure you aren't running RIP or gated 
on any of your linux/unix boxes unless they are actually running as
routers.  They could be sending bogus routing info to your router, which
could be causing your problems.

 - Pizza
-- 
Solomon Peachy                                        pizza at cc.gatech.edu
I ain't broke, but I'm badly bent.                        +1(404)294-6978
Patience comes to those who wait.                            ICQ #1318344
    ...It's not "Beanbag Love", it's a "Transanimate Relationship"...
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.