Re: Blocking private AS

[ML <ml () kenweb org>]

On 2/18/2010 2:27 PM, Thomas Magill wrote:
> I am thinking about implementing a filter to block all traffic with
> private AS numbers in the path.  I see quite a few in my table though so
> I am concerned I might block some legitimate traffic.  In some cases,
> these are just prefixes with the private appended to the end but a few
> have the private as a transit.  Is this a good idea or would I likely be
> blocking too much legitimate traffic?  The filter I am using currently
> shows the following:

I am also curious about blocking legitimate traffic.  I just implemented
a filter to remove routes with a private-AS anywhere in the path. Over
200 routes were filtered. 

I spot checked a few prefixes:

A few had a covering prefix
A few prefixes were originated by a non-private AS and a private AS and
would have otherwise been accepted if Cogent (In my case) had that route
as a best path
And a few prefixes just won't be reachable by my customers.

If anyone wants to see what I filtered out:http://pastebin.com/AFyYrfZk
<http://pastebin.com/AFyYrfZk>