nanog mailing list archives

Re: 91.207.218.0/23 prefix in DFZ - AS3.21 / AS196629 - announced with AS_CONFED_SEQUENCE in AS4_PATH - propagated by 35320

From: Florian Weimer <fweimer () bfk de>
Date: Thu, 11 Dec 2008 09:34:27 +0100

* Andy Davidson:

OpenBGPd is therefore dropping the sessions when this update is
received.  Unideal if this attribute is learned on multiple
upstreams...

The impact today is fairly limited as there are relatively few bgp
speakers honouring the 4-byte ASN protocol extension rules, but as
code that support these features creeps around the internet, the next
time this happens the impact could be much greater, so we need to
understand which implementation of which BGP software caused this
illegal origination.


Uhm, shouldn't you just ignore invalid AS4_PATH attributes, instead of
dropping the session?  It's a transient, optional attribute, so you
can't rely on your peers to filter it.

-- 
Florian Weimer                <fweimer () bfk de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

Current thread:

91.207.218.0/23 prefix in DFZ - AS3.21 / AS196629 - announced with AS_CONFED_SEQUENCE in AS4_PATH - propagated by 35320 Andy Davidson (Dec 10)
- Re: 91.207.218.0/23 prefix in DFZ - AS3.21 / AS196629 - announced with AS_CONFED_SEQUENCE in AS4_PATH - propagated by 35320 Florian Weimer (Dec 11)
  - Re: 91.207.218.0/23 prefix in DFZ - AS3.21 / AS196629 - announced with AS_CONFED_SEQUENCE in AS4_PATH - propagated by 35320 Andy Davidson (Dec 11)
  - Re: 91.207.218.0/23 prefix in DFZ - AS3.21 / AS196629 - announced with AS_CONFED_SEQUENCE in AS4_PATH - propagated by 35320 Bjørn Mork (Dec 11)
    - Re: 91.207.218.0/23 prefix in DFZ - AS3.21 / AS196629 - announced with AS_CONFED_SEQUENCE in AS4_PATH - propagated by 35320 bill fumerola (Dec 11)