AS PATH limits
Christopher Morrow
morrowc.lists at gmail.com
Sun Oct 1 01:28:28 UTC 2017
On Sat, Sep 30, 2017 at 12:47 PM, Ken Chase <math at sizone.org> wrote:
> I dont see that as the solution. Someone else will offend again.
>
> However, I also don't see trusting major backbones as our filters (for many
> other reasons). Our software should be handling what's effectively a
> buffer overflow
> or equivalent (beware long paths that are actually shellcode).
>
> Quagga among others seems to be subject to this bug, pre 0.99.23 or so
> (.99.24+ seems ok). So upgrading is a solution.
>
>
ii quagga 0.99.22.4-3ubu i386 BGP/OSPF/RIP routing
daemon
interestingly enough that isn't crashlooping nor is it bouncing bgp
sessions:
192.168.100.100 4 MYASN 1642717 8864 0 0 0 2d23h32m
672475
and it's happily showing me the route even...
There was also some chatter on the quagga mailing list on how it's more
> pleasant to stab your eyeballs out rather than constructing extremely long
> regexp's that might work as a filter.
>
> https://lists.quagga.net/pipermail/quagga-users/2017-September/thread.html
>
> /kc
>
>
> On Sat, Sep 30, 2017 at 05:30:03PM +0200, Niels Raijer said:
> >My message to NANOG about this from 12:31 UTC today is still in the
> moderation queue. I had opened a support case with Cogent before writing my
> message to NANOG and Cogent has let me know approximately 40 minutes ago
> that they have contacted their customer.
> >
> >Niels
> >
> >
> >
> >On 30 Sep 2017, at 17:09, sthaug at nethelp.no wrote:
> >
> >>> If you're on cogent, since 22:30 UTC yesterday or so this has been
> happening
> >>> (or happened).
> >>
> >> Still happening here. I count 562 prepends (563 * 262197) in the
> >> advertisement we receive from Cogent. I see no good reason why we
> >> should accept that many prepends.
> >>
> >> Steinar Haug, Nethelp consulting, sthaug at nethelp.no
> >
>
> --
> Ken Chase - math at sizone.org Guelph Canada
>
More information about the NANOG
mailing list