More specifics from AS18978

Mark Tinka mark.tinka at seacom.mu
Fri Mar 27 10:10:19 UTC 2015


On 27/Mar/15 12:03, Job Snijders wrote:
> Sure, but even that might not always prevent the fake paths from leaking
> to your eBGP neighbors. For instance, not too long ago there was this
> bug:
>
>      "Routes learned with the no-export community from an iBGP neighbor
>      are being advertised to eBGP neighbors. This may occur on Cisco ASR
>      9000 Series Aggregation Services Routers." (don't remember BugID)
>
> In other words: it can happen to the best of us.

Your upstream could also re-write any BGP communities you attach to your 
BGP updates; so unless co-ordinated, there is no real guarantee a 
NO_EXPORT community will be maintained/honoured within your upstream's 
network.

Mark.


More information about the NANOG mailing list