router startup behavior

Danny McPherson danny at
Wed Jan 16 05:09:12 UTC 2002

I've actually seen this behavior (more specifics being 
leaked and then promptly withdrawn), though the trigger
wasn't quite so obvious.  

It turned out what was happening is that a bunch of gunk was
being redistributed into BGP and tagged with "keep internal" 
communities to avoid advertisement to EBGP peers.  Implicit 
policy was being applied at the domain egress such that if
the "keep internal" community values weren't present the 
routes were by default advertised externally.  

In addition, BGP policies (i.e., prefix filters) that identified 
"keep internal" address space (and pretty much everything else, 
for that matter) were being rewritten every night on every BGP 
router in the network (regardless of change).  

The routers in question run a BGP redistribution process every 
60 seconds and it just happened to run (quite often) just as 
filters were being rewritten, resulting in "the gunk" not being 
tagged as "keep internal" and therefore being advertised 
externally.  A subsequent run of the BGP process realized a 
policy was in place withdrew the routes.  

The symptoms were somewhat random as the leaked routes varied from 
day to day, depending on which routers throughout the domain 
happened to have a BGP redistribution process collide with a policy 
rewrite -- but all in all, in a large network it seemed to occur on 
at least a couple of routers every night.

My conclusions:

 o Redistributing into BGP can get ugly and should be 

 o Blindly rewriting policies (or any configuration elements)
   that haven't changed is bad

 o Implicit route advertisement policies are bad


More information about the NANOG mailing list