At approximately 7:37am EDT on Friday, about 258 Cisco 12000's on UUNET's primary backbone reloaded. This appeared to be isolated to routers in ASN 701. It disrupted reachability to about 15% of the world-wide Internet based on data from Matrix measurements. A contributing cause was a bad IS-IS packet which confused certain IOS versions in the 12.0 IOS software train. I haven't heard what the root cause was or what originated the bad IS-IS packet. The Cisco bug id is CSCdr05779. Any provider running the affected IOS version may be vulnerable depending on what the root cause turns out to be.

Although the bad IS-IS packet didn't propagate to other providers, several other providers did report BGP resets and route flaps about the same time.

If a large AS such as AS701 starts flapping I wouldn't be surprised if other ASes start seeing BGP resets and route-flaps. Could be that crud routing information was exchange when that chaos started [jeez 258 routers I'd hate to have been the on duty NOC guy on that morning :-)] Interestingly though we still see alot routes with bad AS-PATH information people should be setting more stringent configurations on the routes the learn and subsequentally pass on to avoid this. Regards, Neil.