nanog mailing list archives
RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?
From: "Ivan Pepelnjak" <ip () ioshints info>
Date: Tue, 18 Aug 2009 20:58:00 +0200
Ivan- Thanks for posting this how-to on excessive as prepends. I have a couple of questions that some of the less BGP savvy out their may find helpfull 1. In my enviornment, we are not doing full routes. We have partial routes from AS209 and then fail to AS7263. Is their any advantage for someone like me to do this, as we are not providing any IP transit so we are not passing the route table to anyone else?
You could do it to protect your BGP table, but as you're not a transit AS, it does not make much sense.
2. When I run the "sh ip bgp quote-regexp "_([0-9]+)_\1_\1_\1_\1_ \1_" | begin Network" I am seeing many many ASes that would be filtered by this access-list.
Obviously a lot of people are prepend-happy.
What happens to those networks, are they unreachable from my AS, or do I just route those networks to my upstream provider and let them deal with it?
If I understood correctly, you're using a default route toward AS7263, which means that anything that is not in your BGP table (and consequently your IP routing table) will be sent out of your AS via the default route. If you're getting the paths you're filtering from AS209 that means that more traffic will go to AS7263.
3. This last question is a little OT, but relates to your access list In the event of some kind if DOS attack coming from one of a few AS numbers (in this case we will use 14793), what is the feesability of using ip as-path access-list 100 deny _([0-9]+)_\1_\1_\1_\1_ ip as-path access-list 100 deny 14793 ip as-path access-list 100 permit .* Would this have any affect at all, or would my pipe from my upstream still be congested with garbage traffic ?
No. You cannot influence the inbound traffic apart from not advertising some of your prefixes to some of your neighbors or giving them hints with BGP communities or AS-path prepending. Whatever you do with BGP on your routers influences only the paths the outbound traffic is taking. What you'd actually need is remote-triggered black hole. Search the Nanog archives for RTBH, you'll find a number of links in a message from Frank Bulk sent a few days ago. Hope this helps Ivan http://www.ioshints.info/about http://blog.ioshints.info/
Current thread:
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?, (continued)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Joe Provo (Aug 17)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Ballard, Eric (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Jared Mauch (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Ricky Beam (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Paul Ferguson (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Marko Milivojevic (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Brett Watson (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Kevin Oberman (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Joe Provo (Aug 17)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Dylan Ebner (Aug 18)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Ivan Pepelnjak (Aug 18)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Dylan Ebner (Aug 18)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Nathan Ward (Aug 20)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Jared Mauch (Aug 17)