[116810] in North American Network Operators' Group
Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?
daemon@ATHENA.MIT.EDU (Joe Provo)
Thu Aug 20 06:02:31 2009
Date: Thu, 20 Aug 2009 06:02:11 -0400
From: Joe Provo <nanog-post@rsuc.gweep.net>
To: nanog@nanog.org
In-Reply-To: <000901ca1fd6$ba47a3c0$0a00000a@nil.si>
Reply-To: nanog-post@rsuc.gweep.net
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Tue, Aug 18, 2009 at 09:37:22AM +0200, Ivan Pepelnjak wrote:
> > Anybody have a handy route-map that will deny anything with a
> > as-path longer than say 15-20? ;-)
>
> http://wiki.nil.com/Filter_excessively_prepended_BGP_paths
It will still be a while before we see unbroken 4byte AS behavior
(that whole 'fix the teardown on a anyone sneezing' problem). But
like with stale bogon filters, I expect folks inclined to use this
to drop it in and forget about it. So it would be wise to adjust
the recommended filter to anticipate a 2byteAS view allowing multiple
instances of AS-TRANS; there's likely a more elegant approach, but
the quick step of explicitly allowing _(23465_)+ before you deny
_([0-9]+)_\1_\1_\1_\1_
Cheers,
Joe
--
RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
