nanog mailing list archives
Re: anyone else seeing very long AS paths?
From: German Martinez <gmartine () ajax opentransit net>
Date: Tue, 17 Feb 2009 13:54:34 -0500
On Tue Feb 17, 2009, Michael Ulitskiy wrote: Hello, CSCee30718 – it removes the default value of bgp max-as from the router. The solution is introduced in CSCeh13489 BGP shouldn't propogate an update w excessive AS Path > 255 Symptoms: A router may reset its Border Gateway Protocol (BGP) session. Conditions: This symptom is observed when a Cisco router that peers with other routers receives an Autonomous System (AS) path with a length that is equal to or greater than 255. Workaround: Configure the bgp maxas limit command in such as way that the maximum length of the AS path is a value below 255. When the router receives an update with an excessive AS path value, the prefix is rejected and recorded the event in the log. This workaround has been suggested previously by Hank. Anyone knows about any possible CPU impacts in case that you implement bgp maxas? Thanks German
My bgp speaking devices are a couple of 7200s running 12.2(40). Not the newest IOS out there, but it's been doing the job just fine up until yesterday. Yesterday, when that malformed announcement hit my routers they didn't crash, but they did reset bgp sessions (even though I didn't accept the route) and they kept doing so until I got my upstream to filter it out. According to cisco bug toolkit CSCdr54230 should be fixed in 12.2, so obviously it's not enough. Does anybody know what IOS version has fix this problem, 'cause I couldn't find this info at CCO? Thanks, Michael On Tuesday 17 February 2009 10:21:07 am Etaoin Shrdlu wrote:Jared Mauch wrote:On Tue, Feb 17, 2009 at 08:07:36AM +0200, Hank Nussbacher wrote:"They" will keep trying and until a vast majority of ISPs implement maxas, this will keep happening.Or until people who are still running multi-year old cisco code actually upgrade? This seems to primarily impact: 1) Old cisco code 2) PC based bgp daemonsBoth of which likely just need to be upgraded. I actually suspect that a lot of people who dropped their bgp sessions did not notice something happened, and still will not upgrade their code....I suspect these people don't even know they have a bgp speaking device anymore.On the other hand, the fact that various entities have gone out of their way to advertise that they're running old hardware/out-of-date software has been noted elsewhere. I'd strongly suggest, if you're reading NANOG, that you update, before someone less pleasant and friendly than myself finds you. Please.
Attachment:
_bin
Description:
Current thread:
- Re: anyone else seeing very long AS paths?, (continued)
- Re: anyone else seeing very long AS paths? Michael Ulitskiy (Feb 16)
- Re: anyone else seeing very long AS paths? Paul Ferguson (Feb 16)
- RE: anyone else seeing very long AS paths? Jason Kalai Arasu (Feb 16)
- Re: anyone else seeing very long AS paths? Jens Ott - PlusServer AG (Feb 17)
- RE: anyone else seeing very long AS paths? Hank Nussbacher (Feb 16)
- Re: anyone else seeing very long AS paths? Florian Weimer (Feb 17)
- Re: anyone else seeing very long AS paths? Jared Mauch (Feb 17)
- Re: anyone else seeing very long AS paths? Etaoin Shrdlu (Feb 17)
- Re: anyone else seeing very long AS paths? Adrian Chadd (Feb 17)
- Re: anyone else seeing very long AS paths? Michael Ulitskiy (Feb 17)
- Re: anyone else seeing very long AS paths? German Martinez (Feb 17)
- Re: anyone else seeing very long AS paths? Mike Lewinski (Feb 17)
- Re: anyone else seeing very long AS paths? German Martinez (Feb 17)
- Re: anyone else seeing very long AS paths? Jack Bates (Feb 17)
- Re: anyone else seeing very long AS paths? Leland E. Vandervort (Feb 17)
- RE: anyone else seeing very long AS paths? Ivan Pepelnjak (Feb 17)
- Re: anyone else seeing very long AS paths? Jack Bates (Feb 17)
- Re: anyone else seeing very long AS paths? Mike Lewinski (Feb 17)
- RE: anyone else seeing very long AS paths? Ivan Pepelnjak (Feb 17)
- Re: anyone else seeing very long AS paths? Rodney Dunn (Feb 17)
- Re: anyone else seeing very long AS paths? German Martinez (Feb 17)