Lots of prepends - AS20912 case

Mathias Sundman mathias at openvpn.se
Fri Feb 20 07:58:36 CST 2009


On Fri, 20 Feb 2009, Mikael Abrahamsson wrote:

> On Fri, 20 Feb 2009, Dorn Hetzel wrote:
>
>> Replacing what is conventially thought to be a string with an integer
>> multiplier seems a massive violation of the principle of least 
>> astonishment.
>
> 3. Prepend number of times entered modulo 256, is just broken.

In v3.20 of RouterOS (Mikrotik) it seems to fixed (havn't checked earlier 
releases), so they must have been running an old version of RouterOS if 
that was the platform they was using in this case, that I think someone 
was indicating.

[admin at router1] /routing filter> set 1 set-bgp-prepend=20912
value of set-bgp-prepend out of range (0..16)

[admin at router1] /routing filter> set 1 set-bgp-prepend=17
value of set-bgp-prepend out of range (0..16)

I think having an option to prepend the AS-PATH with an integer multiplier 
is pretty convenient, just as they have checks like bgp-as-path-length=0 
to check the lengh of AS-PATHs without writing regexps. But there should 
of course also be normal text prepends and regexp checks. With a check 
that no more than 16 are added, like the current version enforces 
misstakes like this shouldn't be possible.

--
_____________________________________________________________
Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://openvpn.se/               / \   NO Word docs in e-mail




More information about the NANOG mailing list