Lots of prepends - AS20912 case

Dorn Hetzel dhetzel at gmail.com
Fri Feb 20 08:46:24 CST 2009


It's just a personal opinion, but I would think that if someone is going to
make the rest of the net suffer the ugliness of a nnnnn nnnnn nnnnn nnnnn
nnnnn nnnnn nnnnn nnnnn nnnnn nnnnn nnnnn nnnnn prepend, then it's not
unreasonable they should have to look at the ugliness in their config file
as well :)    The use of a multiplier just makes it too painless to inflict
all that ugliness on everyone else without having to look at it first...

On Fri, Feb 20, 2009 at 8:58 AM, Mathias Sundman <mathias at openvpn.se> wrote:

> On Fri, 20 Feb 2009, Mikael Abrahamsson wrote:
>
>  On Fri, 20 Feb 2009, Dorn Hetzel wrote:
>>
>>  Replacing what is conventially thought to be a string with an integer
>>> multiplier seems a massive violation of the principle of least
>>> astonishment.
>>>
>>
>> 3. Prepend number of times entered modulo 256, is just broken.
>>
>
> In v3.20 of RouterOS (Mikrotik) it seems to fixed (havn't checked earlier
> releases), so they must have been running an old version of RouterOS if that
> was the platform they was using in this case, that I think someone was
> indicating.
>
> [admin at router1] /routing filter> set 1 set-bgp-prepend=20912
> value of set-bgp-prepend out of range (0..16)
>
> [admin at router1] /routing filter> set 1 set-bgp-prepend=17
> value of set-bgp-prepend out of range (0..16)
>
> I think having an option to prepend the AS-PATH with an integer multiplier
> is pretty convenient, just as they have checks like bgp-as-path-length=0 to
> check the lengh of AS-PATHs without writing regexps. But there should of
> course also be normal text prepends and regexp checks. With a check that no
> more than 16 are added, like the current version enforces misstakes like
> this shouldn't be possible.
>
> --
> _____________________________________________________________
> Mathias Sundman                  (^)   ASCII Ribbon Campaign
> OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
> http://openvpn.se/               / \   NO Word docs in e-mail
>
>



More information about the NANOG mailing list