DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times
Joe Provo
nanog-post at rsuc.gweep.net
Fri Mar 25 16:31:34 UTC 2022
On Fri, Mar 25, 2022 at 11:08:01AM +0300, Paschal Masha wrote:
> :) probably the longest prepend in the world.
>
> A thought though, is it breaking any standard or best practice procedures?
Many popular BGP implementations have historically had weaknesses
with excessively long AS-paths. Best practice is to protect ones'
infrastructure so many networks drop paths over certain lengths
(at various times, 50 or 100 were common due to specific issues).
It is highly common for any filtering mechanism, once established,
to stay in place, so I fully expect this path to be invible to many
and fragile for the rest [see
https://blog.apnic.net/2019/07/15/excessive-bgp-as-path-prepending-is-a-self-inflicted-vulnerability/].
That said, prepending pretty much anything more than your current view
of the Internet's diameter in ASNs is useless in practice. Cascading
effects are considered in
https://datatracker.ietf.org/doc/draft-ietf-grow-as-path-prepending/
where a decent low number (5) is propsed.
Chers,
Joe
--
Posted from my personal account - see X-Disclaimer header.
Joe Provo / Gweep / Earthling
More information about the NANOG
mailing list