Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?
Joe Provo
nanog-post at rsuc.gweep.net
Mon Aug 17 21:48:40 UTC 2009
On Mon, Aug 17, 2009 at 03:37:07PM -0600, randal k wrote:
> Yep, we started seeing this right around 12:20pm MST. We saw it from a
> customer's rapidly-flapping BGP peer. We told them to configure bgp
> maxas-limit, but apparently CRS1s don't have that command.
>
> Anybody have a handy route-map that will deny anything with a as-path
> longer than say 15-20? ;-)
Been a while since I had to throw this on cisco, but I since it lacks
sane repeat constraint, you have to either choose to iterate over your
acceptable space or deny on the longer-than-acceptable. For the latter,
^[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_([0-9]+_)+
clobbers 15 ASNs and longer.
--
RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
More information about the NANOG
mailing list