12/8 problems?
william(at)elan.net
william at elan.net
Fri Sep 9 15:37:23 UTC 2005
On Fri, 9 Sep 2005, Richard A Steenbergen wrote:
> On Fri, Sep 09, 2005 at 11:12:25AM -0400, Drew Linsalata wrote:
>>
>> Apologies for a post of an operational nature, but is anyone else seeing
>> problems with AT&Ts 12/8 block?
>>
>> From a New York router connected to Global Crossing and Peer 1:
>>
>> border-1.nycmny> sh ip bgp 12.xxx.xxx.xxx
>>
>> BGP routing table entry for 12.0.0.0/8, version 86901457
>> Paths: (2 available, best #1)
>> Not advertised to any peer
>> 3549 12956 26210
>> 64.213.176.97 from 64.213.176.97 (208.50.59.1)
>> Origin incomplete, metric 2602, localpref 100, valid, external,
>> best, ref 2
>> Community: 232589665 232618104
>> 13768 12956 26210, (received-only)
>> 64.34.84.117 from 64.34.84.117 (216.187.124.10)
>> Origin incomplete, localpref 100, external, ref 2
>>
>> Route views is showing a 12/8 with a fair amount of dampening/flap
>> penalties in the last 10-12 minutes.
>
> Looks like 12956 is announcing some /8s to every peer and transit
It looks like 12956 is propagating announcements from their customer
26210 of these /8 routes. It looks like 12956 does not have correct
policies in place to block such announcements from their customers as
many of the large ISPs in US do (mostly by requiring customers to
pre-authorize and give list of blocks that they would be announcing)
and that is why from time-time things like this leak out (which they
deal with each time after the fact). It does seem appropriate that if
12956 is unable to put appropriate policies in place to make sure things
like this do not happen, then all its announcements will have to be
double-checked and pre-authorized by its transits i.e. GBLX and Sprint.
---
William Leibzon
Elan Networks
william at elan.net
More information about the NANOG
mailing list