Anyone notice strange announcements for 174.128.31.0/24

Leo Bicknell bicknell at ufp.org
Tue Jan 13 10:12:49 CST 2009


In a message written on Tue, Jan 13, 2009 at 08:55:40AM -0500, John Payne wrote:
> I guess the problem is that AS PATH is overloaded and people forget  
> that the primary purpose is loop-avoidance.  Everything else is  
> secondary and much like reading Received headers in SMTP mail, you  
> really should take everything after your direct neighbor's AS with a  
> grain of salt.

Actually, I'd suggest your not looking at the primary purpose close
enough.

Loop detection kicks in only when there is a loop.  You see your
own ASN coming back to you.

In the case we're discussing THERE IS NO LOOP.  Someone is mis-using
this feature to control the propagation of routes.  Were the victim
to do a show ip bgp neighbor foo receive-routes and see their own
path they would be reasonable to assume that there is a loop, and
someone is reflecting their own route back to them.

This is a human configuring a device to lie about the loop status
in the network.  That is also the problem with this method, it is
exactly the opposite of what the attribute was meant to convey, and
thus someone on the other end who doesn't know what you're doing
is virtually guaranteed to make the wrong assumption.  You're going
to spin up network engineers looking for routing loops, route leaks,
and other issues if you use this method.

I'd also suggest, as Jared pointed out, there are potential libel
/ trade-dress / slander implications here.  Sending out an AS-Path
of "ASfoo ASbar" is the technological equivalent of the English
statement "foo and bar are interconnected with BGP".  Just because
you hide a false statement in an AS-Path doesn't make it any less
of a false statement.

-- 
       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20090113/5ee9076b/attachment.bin>


More information about the NANOG mailing list