anyone else seeing very long AS paths?
jbates at brightok.net
Tue Feb 17 19:19:00 UTC 2009
German Martinez wrote:
> On Tue Feb 17, 2009, Mike Lewinski wrote:
>> bgp max-as will NOT protect you from this exploit (but if you are not
>> vulnerable it should prevent you from propogating it).
> Are you trying to say that the receiving bgp speaker will drop the session
> no matter what but it won't forward the update?
There are reports that some versions of IOS will drop a peer upon
receiving the long AS, even with a bgp max-as command. I can only
presume that there are some IOS versions that determine the update is
invalid prior to the max-as command determining we are not keeping the
route. The whole "is the update valid?" vs "do I want this in my routing
More information about the NANOG