nanog mailing list archives
RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?
From: Dylan Ebner <dylan.ebner () crlmed com>
Date: Tue, 18 Aug 2009 17:54:10 +0000
Ivan- Thanks for posting this how-to on excessive as prepends. I have a couple of questions that some of the less BGP savvy out their may find helpfull 1. In my enviornment, we are not doing full routes. We have partial routes from AS209 and then fail to AS7263. Is their any advantage for someone like me to do this, as we are not providing any IP transit so we are not passing the route table to anyone else? 2. When I run the "sh ip bgp quote-regexp "_([0-9]+)_\1_\1_\1_\1_ \1_" | begin Network" I am seeing many many ASes that would be filtered by this access-list. What happens to those networks, are they unreachable from my AS, or do I just route those networks to my upstream provider and let them deal with it? 3. This last question is a little OT, but relates to your access list In the event of some kind if DOS attack coming from one of a few AS numbers (in this case we will use 14793), what is the feesability of using ip as-path access-list 100 deny _([0-9]+)_\1_\1_\1_\1_ ip as-path access-list 100 deny 14793 ip as-path access-list 100 permit .* Would this have any affect at all, or would my pipe from my upstream still be congested with garbage traffic ? Thanks Dylan Ebner -----Original Message----- From: Ivan Pepelnjak [mailto:ip () ioshints info] Sent: Tuesday, August 18, 2009 2:37 AM To: 'randal k'; 'Adam Hebert' Cc: nanog () nanog org Subject: RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?
Anybody have a handy route-map that will deny anything with a as-path longer than say 15-20? ;-)
http://wiki.nil.com/Filter_excessively_prepended_BGP_paths Ivan http://www.ioshints.info/about http://blog.ioshints.info/
Current thread:
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?, (continued)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? randal k (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Joe Provo (Aug 17)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Ballard, Eric (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Jared Mauch (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Ricky Beam (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Paul Ferguson (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Marko Milivojevic (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Brett Watson (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Kevin Oberman (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Joe Provo (Aug 17)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? randal k (Aug 17)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Dylan Ebner (Aug 18)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Ivan Pepelnjak (Aug 18)
- RE: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Dylan Ebner (Aug 18)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Nathan Ward (Aug 20)
- Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? Jared Mauch (Aug 17)