Strange BGP announcement.

Andrew Bangs andrewb at demon.net
Mon Nov 9 13:24:55 UTC 1998


Craig A. Huegen wrote:

> 
> After looking over the RFC, I see that 0 can be used for non-routed
> networks, so no one's implementation should be hanging up on it.

I agree. I'm not sure that that is what is happening, though.... see below.

> 
> (Regardless, the use of AS 0 as a prepend should be discouraged =)

Yup.


However, I'm not seeing AS0 in the stuff I posted:

> 
> ==>==>> Nov  8 17:45:26 BGP RECV flags 0x40 code ASPath(2): (0x02 0x07 0x0f 0x7f 0x02 0xbd 0x0d 0xa5 0x03 0x30 0x03 0x2f 0x03 0x2e)


John Scudder at IENG gave me the clue by decoding the above ASPath:

        0x02 = AS_SEQUENCE
        0x07 = 7 ASes in sequence
        0x0f7f = 3967
        0x02bd =  701
        0x0da5 = 3493
        0x0330 =  816
        0x032f =  815
        0x032e =  814

and I decided to take a closer look at the others I'd logged:

Nov  8 19:29:35 BGP RECV flags 0x40 code ASPath(2): (0x02 0x08 0x18 0xcb 0x0d 0xe9 0x02 0xbd 0x0d 0xa5 0x03 0x30 0x03 0x2f 0x03 0x2e)

0x02    AS_SEQUENCE
0x08    8 ASes in sequence
0x18cb  6347
0x0de9  3561
0x02bd   701
0x0da5  3493
0x0330   816
0x032f   815
0x032e   814

Nov  8 16:56:32 BGP RECV flags 0x40 code ASPath(2): (0x02 0x03 0x18 0xcb 0x0d 0xe9)

0x02    AS_SEQUENCE
0x03    3 ASes in sequence
0x18cb  6347
0x0de9  3561



In each case the ASPath attribute says it consists of an AS_SEQUENCE of
N ASes, but the data only shows N-1 ASes.

Could it be that your router somehow 'pads' the tail of the AS_PATH
with enough zeros until it makes the right length ?  I think it's
hiding the truth from you.



When I was talking through the problem with one of my upstreams they
mentioned 'AS0' at the end of the AS_PATH. It seems that their routers
were happy to pad the AS to the right length internally, but the Update
that was sent to my router was definitely malformed (and not padded
with AS0) which caused a (correct IMHO) NOTIFY message to be sent
back. 


Did anyone else capture any problematic Update messages yesterday ?
Do they show the same problem ?

I'm beginning to believe that this is a bug in at least the Cisco
BGP implementation (since that's what my upstreams use to peer with
me).


(I haven't seen any mention of how the bad routes got into the 
world in the first place. Anyone know ?)


 Regards,
 Andrew
-- 
Andrew Bangs, Network Engineering Manager, Demon Internet Ltd
andrewb at demon.net  http://www.demon.net/ http://www.demon.nl/
Network Engineering: +44 (0)181 371 1204   networks at demon.net
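
Added example (not part of the original message): a Python sketch of the length check discussed above, decoding an AS_PATH attribute value with 2-octet AS numbers and reporting any segment whose declared AS count exceeds the octets actually present. The function names are assumptions for illustration; the three log lines are the ones quoted in the message.

```python
# Added example: AS_PATH length check with 2-octet AS numbers (as in 1998).
SEGMENT_TYPES = {1: "AS_SET", 2: "AS_SEQUENCE"}

# The three log lines quoted in the message above.
LOG_LINES = [
    "Nov  8 17:45:26 BGP RECV flags 0x40 code ASPath(2): (0x02 0x07 0x0f 0x7f 0x02 0xbd 0x0d 0xa5 0x03 0x30 0x03 0x2f 0x03 0x2e)",
    "Nov  8 19:29:35 BGP RECV flags 0x40 code ASPath(2): (0x02 0x08 0x18 0xcb 0x0d 0xe9 0x02 0xbd 0x0d 0xa5 0x03 0x30 0x03 0x2f 0x03 0x2e)",
    "Nov  8 16:56:32 BGP RECV flags 0x40 code ASPath(2): (0x02 0x03 0x18 0xcb 0x0d 0xe9)",
]

def bytes_from_log(line):
    """Extract the attribute value octets from the trailing '(0x.. 0x..)' group."""
    body = line[line.rindex("(") + 1 : line.rindex(")")]
    return bytes(int(tok, 16) for tok in body.split())

def parse_as_path(value):
    """Return one dict per segment; 'missing_octets' > 0 marks a short segment."""
    segments, pos = [], 0
    while pos < len(value):
        if len(value) - pos < 2:
            raise ValueError("truncated segment header at offset %d" % pos)
        seg_type, count = value[pos], value[pos + 1]
        data = value[pos + 2 : pos + 2 + 2 * count]   # slice stops at end of buffer
        whole = len(data) - len(data) % 2             # ignore a dangling odd octet
        segments.append({
            "type": SEGMENT_TYPES.get(seg_type, "UNKNOWN(%d)" % seg_type),
            "declared": count,
            "asns": [int.from_bytes(data[i:i + 2], "big") for i in range(0, whole, 2)],
            "missing_octets": 2 * count - len(data),
        })
        pos += 2 + 2 * count
    return segments

def is_well_formed(value):
    """True only if every segment carries exactly the ASes its length octet declares."""
    try:
        return all(s["missing_octets"] == 0 for s in parse_as_path(value))
    except ValueError:
        return False

if __name__ == "__main__":
    for line in LOG_LINES:
        for seg in parse_as_path(bytes_from_log(line)):
            print(seg["type"], "declared", seg["declared"],
                  "found", len(seg["asns"]), seg["asns"])
```

Run against the logged attributes, each segment comes back one AS (two octets) short of its declared count, which is the mismatch described in the message.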


