[109833] in North American Network Operators' Group
Re: 91.207.218.0/23 prefix in DFZ - AS3.21 / AS196629 - announced
daemon@ATHENA.MIT.EDU (Andy Davidson)
Thu Dec 11 04:26:44 2008
From: Andy Davidson <andy@nosignal.org>
To: Florian Weimer <fweimer@bfk.de>
In-Reply-To: <82oczjglf0.fsf@mid.bfk.de>
Date: Thu, 11 Dec 2008 09:26:27 +0000
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On 11 Dec 2008, at 08:34, Florian Weimer wrote:
>> OpenBGPd is therefore dropping the sessions when this update is
>> received. Unideal if this attribute is learned on multiple
>> upstreams...
>> The impact today is fairly limited as there are relatively few bgp
>> speakers honouring the 4-byte ASN protocol extension rules, but as
>> code that support these features creeps around the internet, the
>> next time this happens the impact could be much greater, so we need
>> to understand which implementation of which BGP software caused
>> this illegal origination.
> Uhm, shouldn't you just ignore invalid AS4_PATH attributes, instead
> of dropping the session? It's a transient, optional attribute, so
> you can't rely on your peers to filter it.
Well I have never written written a BGP stack, so I have no code to
change as per your suggestion ;-) but as I said on the original post,
I'd like to see it as a configurable option, so that I can do the
right thing when something breaks.
196629 withdrew the prefix some hours ago and their NOC are
investigating. I have asked if they will share some info about the
problem when they have chance so that we can understand how to stop
this happening in future. They don't use confederations internally so
the reason for the break is actually non-obvious.
Best wishes
Andy
