Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?

Joe Provo nanog-post at rsuc.gweep.net
Mon Aug 17 16:48:40 CDT 2009


On Mon, Aug 17, 2009 at 03:37:07PM -0600, randal k wrote:
> Yep, we started seeing this right around 12:20pm MST. We saw it from a
> customer's rapidly-flapping BGP peer. We told them to configure bgp
> maxas-limit, but apparently CRS1s don't have that command.
> 
> Anybody have a handy route-map that will deny anything with a as-path
> longer than say 15-20? ;-)
 
Been a while since I had to throw this on cisco, but I since it lacks
sane repeat constraint, you have to either choose to iterate over your
acceptable space or deny on the longer-than-acceptable. For the latter,
^[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_([0-9]+_)+
clobbers 15 ASNs and longer.

-- 
             RSUC / GweepNet / Spunk / FnB / Usenix / SAGE




More information about the NANOG mailing list