[28898] in North American Network Operators' Group
Re: That pesky AS path corruption bug...
daemon@ATHENA.MIT.EDU (Vijay Gill)
Tue May 23 13:29:46 2000
Date: Tue, 23 May 2000 13:26:25 -0400 (EDT)
From: Vijay Gill <wrath@cs.umbc.edu>
To: Blaine Christian <blaine@inbound.blaines.net>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.10.10005231234410.19459-100000@inbound.blaines.net>
Message-ID: <Pine.SOL.3.95.1000523132209.5819E-100000@mailserver-ng.cs.umbc.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 23 May 2000, Blaine Christian wrote:
> After observing a recent issue regarding a router that sent corrupted AS
> path (all names are witheld to protect the guilty). I took a look at the
> path information that was being received and have a possible solution.
> Since the corrupted AS-path does not include the AS that the route is
> coming from (at least in the corruption that I saw) it seems to me that a
> simple solution for all is to filter on AS i.e. only allow routes that
> have the AS of your EBGP neighbor prepended to them. I realize this does
> not cover all cases of wacky AS corruption problems but it may fix some of
This is a hack. We do not need more cruft added on, rather, what we need
is correct behavior. The correct behavior being - if you see a corrupt/ a
malformed update from a peer, send a notify and drop the session. Seems
fairly simple to me.
The above suggestion of your fails in case of route servers.
Insist on correct behavior, not on cruftery.
/vijay
