Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?
Joe Provo
nanog-post at rsuc.gweep.net
Thu Aug 20 10:02:11 UTC 2009
On Tue, Aug 18, 2009 at 09:37:22AM +0200, Ivan Pepelnjak wrote:
> > Anybody have a handy route-map that will deny anything with a
> > as-path longer than say 15-20? ;-)
>
> http://wiki.nil.com/Filter_excessively_prepended_BGP_paths
It will still be a while before we see unbroken 4byte AS behavior
(that whole 'fix the teardown on a anyone sneezing' problem). But
like with stale bogon filters, I expect folks inclined to use this
to drop it in and forget about it. So it would be wise to adjust
the recommended filter to anticipate a 2byteAS view allowing multiple
instances of AS-TRANS; there's likely a more elegant approach, but
the quick step of explicitly allowing _(23465_)+ before you deny
_([0-9]+)_\1_\1_\1_\1_
Cheers,
Joe
--
RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
More information about the NANOG
mailing list