nanog mailing list archives
Re: AS PATH limits
From: Hank Nussbacher <hank () efes iucc ac il>
Date: Sun, 1 Oct 2017 08:17:53 +0300
On 01/10/2017 04:28, Christopher Morrow wrote:
On Sat, Sep 30, 2017 at 12:47 PM, Ken Chase <math () sizone org> wrote:I dont see that as the solution. Someone else will offend again. However, I also don't see trusting major backbones as our filters (for many other reasons). Our software should be handling what's effectively a buffer overflow or equivalent (beware long paths that are actually shellcode). Quagga among others seems to be subject to this bug, pre 0.99.23 or so (.99.24+ seems ok). So upgrading is a solution.ii quagga 0.99.22.4-3ubu i386 BGP/OSPF/RIP routing daemon interestingly enough that isn't crashlooping nor is it bouncing bgp sessions:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1572 Quagga 0.99.11 and earlier affected. Fixed in 2009. -Hank
192.168.100.100 4 MYASN 1642717 8864 0 0 0 2d23h32m 672475 and it's happily showing me the route even... There was also some chatter on the quagga mailing list on how it's morepleasant to stab your eyeballs out rather than constructing extremely long regexp's that might work as a filter. https://lists.quagga.net/pipermail/quagga-users/2017-September/thread.html /kc On Sat, Sep 30, 2017 at 05:30:03PM +0200, Niels Raijer said: >My message to NANOG about this from 12:31 UTC today is still in the moderation queue. I had opened a support case with Cogent before writing my message to NANOG and Cogent has let me know approximately 40 minutes ago that they have contacted their customer. > >Niels > > > >On 30 Sep 2017, at 17:09, sthaug () nethelp no wrote: > >>> If you're on cogent, since 22:30 UTC yesterday or so this has been happening >>> (or happened). >> >> Still happening here. I count 562 prepends (563 * 262197) in the >> advertisement we receive from Cogent. I see no good reason why we >> should accept that many prepends. >> >> Steinar Haug, Nethelp consulting, sthaug () nethelp no > -- Ken Chase - math () sizone org Guelph Canada
Current thread:
- Re: AS PATH limits, (continued)
- Re: AS PATH limits Tom Beecher (Sep 20)
- Re: AS PATH limits craig washington (Sep 22)
- RE: AS PATH limits Jakob Heitz (jheitz) (Sep 21)
- Re: AS PATH limits Ken Chase (Sep 30)
- Re: AS PATH limits sthaug (Sep 30)
- Re: AS PATH limits jim deleskie (Sep 30)
- Message not available
- Re: AS PATH limits Ken Chase (Sep 30)
- Re: AS PATH limits Christopher Morrow (Sep 30)
- Re: AS PATH limits Ken Chase (Sep 30)
- Re: AS PATH limits William Herrin (Sep 30)
- Re: AS PATH limits Hank Nussbacher (Sep 30)
- Re: AS PATH limits Mikael Abrahamsson (Sep 30)
- Re: AS PATH limits sthaug (Sep 30)
- Re: AS PATH limits Tom Beecher (Sep 20)