RU evidently hijacked UA netblock
ESundberg at nitelusa.com
Sat Mar 5 05:38:32 UTC 2022
Here is a doc for each hardware vendor for filtering long as paths. Not sure if this will help you or if the issue is before filtering takes place.
We have ours max length set to 75.
Sr. Network Engineer
350 N Orleans Street
Chicago, Il 60654
Email: esundberg at nitelusa.com
From: NANOG <nanog-bounces+esundberg=nitelusa.com at nanog.org> on behalf of Scott Weeks <surfer at mauigateway.com>
Sent: Friday, March 4, 2022 8:46:47 PM
To: nanog at nanog.org <nanog at nanog.org>
Subject: Re: RU evidently hijacked UA netblock
--- jay at west.net wrote:
On 3/4/22 18:03, Scott Weeks wrote:
> It looks like a 'too many' AS prepends, but it is only 250 prepends.
In most reasonable scenarios I'd say that this qualifies as too many.
Yeah, technically, but it was not 256 or something where I'd expect an issue to happen. Just curious as to why only that ASN caused the buffer overflow messages as I got them from no other AS ever and wondered if anyone else has seen them. Other ASNs almost certainly have sent 250+ prepends to me before, but they did not cause the overflow. Like I said, I have a ticket open because I am curious:
BGP-WARNING-tBgp4RouteInvalid-2007 <stuff> Route invalid reason - Cannot add/prepend AS-path. Buffer overflow\nNRLI - <prefix> where prefixes are several and different lengths.
Probably nothing, but I always look into stuff I see in the syslog server's router.log.
CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it may contain confidential information that is legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must destroy the original transmission and its attachments without reading or saving in any manner.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the NANOG