nanog mailing list archives
Re: More specifics from AS18978
From: Mark Tinka <mark.tinka () seacom mu>
Date: Fri, 27 Mar 2015 12:10:19 +0200
On 27/Mar/15 12:03, Job Snijders wrote:
Sure, but even that might not always prevent the fake paths from leaking to your eBGP neighbors. For instance, not too long ago there was this bug: "Routes learned with the no-export community from an iBGP neighbor are being advertised to eBGP neighbors. This may occur on Cisco ASR 9000 Series Aggregation Services Routers." (don't remember BugID) In other words: it can happen to the best of us.
Your upstream could also re-write any BGP communities you attach to your BGP updates; so unless co-ordinated, there is no real guarantee a NO_EXPORT community will be maintained/honoured within your upstream's network.
Mark.
Current thread:
- Re: Prefix hijack by INDOSAT AS4795 / AS4761, (continued)
- Re: Prefix hijack by INDOSAT AS4795 / AS4761 Christopher Morrow (Mar 26)
- Re: Prefix hijack by INDOSAT AS4795 / AS4761 Chuck Anderson (Mar 26)
- Re: Prefix hijack by INDOSAT AS4795 / AS4761 Paul S. (Mar 26)
- Re: Prefix hijack by INDOSAT AS4795 / AS4761 Andree Toonk (Mar 26)
- RE: Prefix hijack by INDOSAT AS4795 / AS4761 Peter Rocca (Mar 26)
- RE: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] Randy (Mar 26)
- RE: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] Nick Rose (Mar 26)
- RE: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] Nick Rose (Mar 26)
- Re: More specifics from AS18978 [was: Prefix hijack by INDOSAT AS4795 / AS4761] ML (Mar 26)
- Re: More specifics from AS18978 Job Snijders (Mar 27)
- Re: More specifics from AS18978 Mark Tinka (Mar 27)
- Re: Prefix hijack by INDOSAT AS4795 / AS4761 Christopher Morrow (Mar 26)