Re: That pesky AS path corruption bug...

[Vijay Gill <wrath () cs umbc edu>]

On Tue, 23 May 2000, Blaine Christian wrote:

> 1. How can everyone protect themselves RIGHT NOW.

RIGHT NOW you can basically shut your routers off.  Or a slightly less
drastic method might be to trace down the session that originates the bad
NLRI and turn that peering session down.

> else is free game.  Who besides a route-server would want to prepend an
> AS besides their own.  Who wants to allow customers and perhaps even
> peers to send routes prepending an AS that is not their own? 

Prepending an AS is not as inherently bad as REMOVING an as.  You can only
prepend an AS to a route you send out (either you originate or you transit
it).  If you own the object, BFD.  People will notice that you are messing
with their AS and various unpleasantness will occur.  If you are messing
with others people's objects that you are transiting, then they should get
a better transit provider.  Either way, it is a self correcting problem
which does not cause any catastrophic damage, like removing an as would.


> EBGP peer with extreme suspicion.  Reseting the BGP session (perhaps
> tearing it down and leaving it down until a human intervenes) is probably
> the best idea.  A note of interest for the events I have seen is that you

This is already accounted for in the spec.  Exponential backoff on retry.


> way.  In fact the vendors I am thinking of quite obviously propagate the
> bad route AND THEN decide to reset their BGP on a larger scale<grrrr>.  

Escalate the issue internally to net-eng and let Juzer deal with it. 


/vijay