Strange BGP announcement.

• Previous message (by thread): Strange BGP announcement.
• Next message (by thread): Strange BGP announcement.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Since this isn't directly my upstream's problem I've edited them out of the
> log (actually, this could have come from more than one of my upstreams)
> 
> Nov  8 17:45:26 BGP RECV x.x.x.x+179 -> x.x.x.x+1161
> Nov  8 17:45:26 BGP RECV message type 2 (Update) length 64
> Nov  8 17:45:26 BGP RECV flags 0x40 code Origin(1): Incomplete
> Nov  8 17:45:26 BGP RECV flags 0x40 code ASPath(2): (0x02 0x07 0x0f 0x7f 0x02 0xbd 0x0d 0xa5 0x03 0x30 0x03 0x2f 0x03 0x2e)
> Nov  8 17:45:26 BGP RECV flags 0x40 code NextHop(3): x.x.x.x
> Nov  8 17:45:26 BGP RECV flags 0xc0 code Aggregator(7): 6218 206.53.128.254
> Nov  8 17:45:26 BGP RECV        206.148.144/22
> Nov  8 17:45:26 
> Nov  8 17:45:26 bnp_path_attr_eer: peer x.x.x.x (External AS yyyy) bad update send NOTIFY flag 0 type 0  err_subcode 11, data 0
> Nov  8 17:45:26 NOTIFICATION sent to x.x.x.x (External AS yyyy): code 3 (Update Message Error) subcode 11 (AS path attribute problem) data
> Nov  8 17:45:26 
> Nov  8 17:45:26 BGP SEND x.x.x.x+1161 -> x.x.x.x+179
> Nov  8 17:45:26 BGP SEND message type 3 (Notification) length 21
> Nov  8 17:45:26 BGP SEND Notification code 3 (Update Message Error) subcode 11 (AS path attribute problem)
> Nov  8 17:45:26 
> 
> (We saw the problem start around 1640 GMT tonight)
> 
> Problem at AS6218 perhaps ? (of course if this is the result of some
> random corruption that can't be relied on... )
> 
> Anyone else see anything ? 

Another note on this, I wasn't able to stop the updates
with a filter-list... perhaps because the AS path is 
problematic.  I had to use a distribute list instead, listing
each of the networks that 6218 is aggregating for...
Not sure if this affects anyone else or not, but:

access-list 21 deny 206.53.128.0 0.0.3.255
access-list 21 deny 206.53.128.0 0.0.0.255
access-list 21 deny 206.53.129.0 0.0.0.255
access-list 21 deny 206.53.130.0 0.0.0.255
access-list 21 deny 206.53.131.0 0.0.0.255
access-list 21 deny 206.148.144.0 0.0.3.255
access-list 21 deny 206.190.224.0 0.0.0.255
access-list 21 permit any

davec

• Previous message (by thread): Strange BGP announcement.
• Next message (by thread): Strange BGP announcement.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]