[111952] in North American Network Operators' Group
Re: anyone else seeing very long AS paths?
daemon@ATHENA.MIT.EDU (Steven Saner)
Tue Feb 17 15:05:45 2009
From: Steven Saner <ssaner@hubris.net>
To: nanog@nanog.org
In-Reply-To: <005101c99139$055f60f0$0a00000a@nil.si>
Date: Tue, 17 Feb 2009 14:05:35 -0600
Errors-To: nanog-bounces@nanog.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Feb 17, 2009, at 1:50 PM, Ivan Pepelnjak wrote:
> As far as I understand the issues :)
>
> There are two limits: the first one @ 128 AS numbers (where BGP =20
> switches to
> the 'extended length' of BGP attribute), the other one @ 256 AS =20
> numbers
> (where BGP has to use two AS_SEQUENCE segments).
>
> Old IOS releases break on the first boundary when processing INBOUND =20=
> update.
> bgp maxas-limit cannot save you, as the router drops UPSTREAM BGP =20
> session
> before the update is fully processed.
>
> New IOS releases accept all INBOUND updates. Prefixes with AS-path =20
> length
> above 254 are never valid (the long printout contains maxas-limit =20
> status).
> bgp maxas-limit works on inbound updates and thus drops whatever you =20=
> feel is
> oversized.
>
> New IOS release fail when sending OUTBOUND updates. If you've =20
> configured bgp
> maxas-limit, you're safe. If not, your DOWNSTREAM BGP session will be
> dropped by your neighbor receiving invalid BGP update.
>
> If your customers are using old IOS, there was nothing they could do =20=
> to
> prevent the BGP session reset (apart from upgrading, obviously :). =20
> Who was
> the actual culprit depends on the AS-path length ... See above.
>
> Does this make sense? I know it's complex :)
> Ivan
What is not yet clear is, what are the definitions of "Old IOS =20
release" and "New IOS release"? There has been talk of a bug referred =20=
to as CSCdr54230. I have seen statements on another list that this was =20=
fixed in 12.1(4) and 12.0(10)S3, but yet this problem was experienced =20=
on such releases as 12.2(40). Has there been any definitive word yet =20
on what it takes to qualify as a new IOS release?
Steve
- --
- ---------------------------------------------------------------
Steven Saner <ssaner@hubris.net>
Director of Network Operations
Hubris Communications
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
iEYEARECAAYFAkmbGI8ACgkQvgCxUpg3pZOfgQCeOCnoDIwX/IMF+wfnM8md2SiM
LSEAoIptOHmO7yPhAGdVZ8+dlhCiOI8k
=3DWD0q
-----END PGP SIGNATURE-----
