![nanog logo](/images/nanog-logo.png)
nanog mailing list archives
Re: Blocking private AS
From: Kevin Loch <kloch () kl net>
Date: Fri, 19 Feb 2010 15:52:32 -0500
Thomas Magill wrote:
I am thinking about implementing a filter to block all traffic with private AS numbers in the path. I see quite a few in my table though so I am concerned I might block some legitimate traffic. In some cases, these are just prefixes with the private appended to the end but a few have the private as a transit. Is this a good idea or would I likely be blocking too much legitimate traffic? The filter I am using currently shows the following:
I filter private asn's and have not had any reachability problems related to that. I suspect most of the routes you see with a private ASN in the path are covered by a less specific route without any private ASN in the path. Someone used a private ASN with their customer and forgot to filter it to their upstreams/peers. - Kevin
Current thread:
- Blocking private AS Thomas Magill (Feb 18)
- Re: Blocking private AS Kevin Loch (Feb 19)