nanog mailing list archives

Re: Long BGP AS paths


From: Tim Evens <tim () snas io>
Date: Sun, 01 Oct 2017 14:29:50 -0700



The outliers are >100. Based on several peering points, <= 60 should be
fine. See attached CSV file that shows the top 120 distinct AS Paths
seen for the past month. Looks like 55644 likes to prepend a lot which
is pushing the length above 50. 

--Tim 

On 01.10.2017 09:16, marcel.duregards--- via NANOG wrote: 

What would be a recommended value for a maximum as-path filter ?

50 ?

On the DFZ I've only 11 prefixes longer than 30 as-path, so for safety I
would also assume 50 as a max is well enough. Any advice ?

Regards,
-
Marcel

On 01.10.2017 00:29, William Herrin wrote:

To the chucklehead who started announcing a 2200+ byte AS path yesterday around 18:27 EDT, I beg of you: STOP.

You've triggered a bug in Quagga that's present in all versions released in the last decade. Your announcement causes routers based on Quagga to send a malformed update to their neighbors, collapsing the entire BGP session. Every 30 seconds or so.

For everyone else: please consider filtering BGP announcements with stupidly long AS paths. There's no need nor excuse for them to be present in the DFZ and you could have saved me a painful Saturday.

Cisco:
router bgp XXX
 bgp maxas-limit 50

Juniper:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB29321 [1]

Quagga:
ip as-path access-list maxas-limit50 deny ^([{},0-9]+ ){50}
ip as-path access-list maxas-limit50 permit .*

Regards,
Bill Herrin




Links:
------
[1] https://kb.juniper.net/InfoCenter/index?page=content&id=KB29321
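
Added example, not part of the original messages: a Python check of which path lengths the Quagga as-path access-list quoted above actually rejects. It assumes the path is matched as space-separated tokens with no trailing space and that Python's regex engine treats this pattern as Quagga's does; the sample paths are constructed from documentation ASNs.

```python
import re

# The deny pattern from the Quagga as-path access-list quoted in the thread.
DENY = re.compile(r"^([{},0-9]+ ){50}")

def render(path):
    # Assumption: the path is matched as space-separated tokens with no
    # trailing space, and an AS_SET is one token such as "{64501,64502}".
    return " ".join(path)

def permitted(path):
    # Entries are evaluated in order: the deny line first, then "permit .*".
    return DENY.search(render(path)) is None

def first_denied_length(limit=200):
    # Smallest number of path tokens that the deny line rejects.
    for n in range(1, limit + 1):
        if not permitted(["64500"] * n):
            return n
    return None

def audit(paths):
    # Return (token count, verdict) for each path, longest first.
    rows = [(len(p), "permit" if permitted(p) else "deny") for p in paths]
    return sorted(rows, reverse=True)

# Constructed sample paths using documentation ASNs (RFC 5398).
SAMPLES = [
    ["64496", "64497", "64500"],                   # ordinary short path
    ["64496"] + ["64500"] * 49,                    # 50 tokens, heavy prepending
    ["64496"] + ["64500"] * 50,                    # 51 tokens
    ["64496"] * 49 + ["{64501,64502}", "64500"],   # 51 tokens, one AS_SET
    ["64496"] + ["64500"] * 119,                   # 120 tokens
]

if __name__ == "__main__":
    print("first denied length:", first_denied_length())
    for count, verdict in audit(SAMPLES):
        print(f"{count:4d} tokens -> {verdict}")
```

Under these assumptions the deny line fires from 51 tokens upward, because each of the 50 repetitions needs a trailing space, so a path of exactly 50 tokens still passes.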

