[77661] in North American Network Operators' Group
Re: long as path games?
daemon@ATHENA.MIT.EDU (Blaine Christian)
Mon Jan 31 12:57:58 2005
Date: Mon, 31 Jan 2005 09:37:57 -0800
From: Blaine Christian <blaine@blaines.net>
To: Jared Mauch <jared@puck.nether.net>,
Hank Nussbacher <hank@mail.iucc.ac.il>
Cc: Jon Lewis <jlewis@lewis.org>, <nanog@nanog.org>
In-Reply-To: <20050131165305.GA41546@puck.nether.net>
Errors-To: owner-nanog-outgoing@merit.edu
Specifically, they have the ability to tickle a legacy cisco bug with AS
path length. This bug was supposedly mitigated in code and I believe my
previous company is still filtering AS path length (UUNET) of 100 or
greater.
A valid AS-Path of greater than 100 has not yet been found (which was why
the filters were in place).
On 1/31/05 8:53 AM, "Jared Mauch" <jared@puck.nether.net> wrote:
>
> On Mon, Jan 31, 2005 at 07:19:14AM +0200, Hank Nussbacher wrote:
>>
>> At 10:23 PM 30-01-05 -0500, Jon Lewis wrote:
>>
>>> Someone at fido.net having some bgp config issues?
>>
>> Looks like someone probing for a buffer overflow on a world-wide basis.
>>
>> -Hank
>>
>>
>>> Jan 30 18:34:51 EST: %BGP-6-ASPATH: Long AS path 6461 3356 6770 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> received from ...
>
> Router(config-router)#bgp maxas-limit ?
> <1-2000> Number of ASes in the AS-PATH attribute
>
> Router(config-router)#bgp maxas-limit 50
>
> Easy to fix/reject.
>
> - jared
