[196070] in North American Network Operators' Group
Re: AS PATH limits
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Sat Sep 30 21:28:31 2017
X-Original-To: nanog@nanog.org
In-Reply-To: <20170930164726.GY17040@sizone.org>
From: Christopher Morrow <morrowc.lists@gmail.com>
Date: Sat, 30 Sep 2017 21:28:28 -0400
To: Ken Chase <math@sizone.org>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sat, Sep 30, 2017 at 12:47 PM, Ken Chase <math@sizone.org> wrote:
> I dont see that as the solution. Someone else will offend again.
>
> However, I also don't see trusting major backbones as our filters (for many
> other reasons). Our software should be handling what's effectively a
> buffer overflow
> or equivalent (beware long paths that are actually shellcode).
>
> Quagga among others seems to be subject to this bug, pre 0.99.23 or so
> (.99.24+ seems ok). So upgrading is a solution.
>
>
ii quagga 0.99.22.4-3ubu i386 BGP/OSPF/RIP routing
daemon
interestingly enough that isn't crashlooping nor is it bouncing bgp
sessions:
192.168.100.100 4 MYASN 1642717 8864 0 0 0 2d23h32m
672475
and it's happily showing me the route even...
There was also some chatter on the quagga mailing list on how it's more
> pleasant to stab your eyeballs out rather than constructing extremely long
> regexp's that might work as a filter.
>
> https://lists.quagga.net/pipermail/quagga-users/2017-September/thread.html
>
> /kc
>
>
> On Sat, Sep 30, 2017 at 05:30:03PM +0200, Niels Raijer said:
> >My message to NANOG about this from 12:31 UTC today is still in the
> moderation queue. I had opened a support case with Cogent before writing my
> message to NANOG and Cogent has let me know approximately 40 minutes ago
> that they have contacted their customer.
> >
> >Niels
> >
> >
> >
> >On 30 Sep 2017, at 17:09, sthaug@nethelp.no wrote:
> >
> >>> If you're on cogent, since 22:30 UTC yesterday or so this has been
> happening
> >>> (or happened).
> >>
> >> Still happening here. I count 562 prepends (563 * 262197) in the
> >> advertisement we receive from Cogent. I see no good reason why we
> >> should accept that many prepends.
> >>
> >> Steinar Haug, Nethelp consulting, sthaug@nethelp.no
> >
>
> --
> Ken Chase - math@sizone.org Guelph Canada
>
