nanog mailing list archives

Re: More specifics from AS18978

From: Mark Tinka <mark.tinka () seacom mu>
Date: Fri, 27 Mar 2015 12:10:19 +0200



On 27/Mar/15 12:03, Job Snijders wrote:

Sure, but even that might not always prevent the fake paths from leaking
to your eBGP neighbors. For instance, not too long ago there was this
bug:

     "Routes learned with the no-export community from an iBGP neighbor
     are being advertised to eBGP neighbors. This may occur on Cisco ASR
     9000 Series Aggregation Services Routers." (don't remember BugID)

In other words: it can happen to the best of us.

Your upstream could also re-write any BGP communities you attach to yourBGP updates; so unless co-ordinated, there is no real guarantee aNO_EXPORT community will be maintained/honoured within your upstream'snetwork.


Mark.

Current thread:

Re: Prefix hijack by INDOSAT AS4795 / AS4761, (continued)
- - Re: Prefix hijack by INDOSAT AS4795 / AS4761 Christopher Morrow (Mar 26)
    - Re: Prefix hijack by INDOSAT AS4795 / AS4761 Chuck Anderson (Mar 26)
  - Re: Prefix hijack by INDOSAT AS4795 / AS4761 Paul S. (Mar 26)
  - Re: Prefix hijack by INDOSAT AS4795 / AS4761 Andree Toonk (Mar 26)
    - RE: Prefix hijack by INDOSAT AS4795 / AS4761 Peter Rocca (Mar 26)
    - RE: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] Randy (Mar 26)
    - RE: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] Nick Rose (Mar 26)
    - RE: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] Nick Rose (Mar 26)
    - Re: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] ML (Mar 26)
    - Re: More specifics from AS18978 Job Snijders (Mar 27)
    - Re: More specifics from AS18978 Mark Tinka (Mar 27)
- Re: Prefix hijack by INDOSAT AS4795 / AS4761 Pierre Emeriaud (Mar 26)