nanog mailing list archives
Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times
From: Jon Lewis <jlewis () lewis org>
Date: Sun, 27 Mar 2022 12:31:11 -0400 (EDT)
On Fri, 25 Mar 2022, Baldur Norddahl wrote:
On Fri, 25 Mar 2022 at 17:32, Joe Provo <nanog-post () rsuc gweep net> wrote: That said, prepending pretty much anything more than your current view of the Internet's diameter in ASNs is useless in practice. That is one way of viewing it. But prepending can also be used for traffic engineering. I could prepend 1 to my free peers, 2 to my paid peers, 3 to cheap ip transit, 4 to expensive ip transit etc. The linked draft RFC does not appear to discuss this at all. The depth of prepending used this way only relates to how many different classes of peers you can imagine in your setup and is not at all related to the "internet's diameter".
Is prepending used for any purpose other than TE? The point I think Joe was trying to make was prepending once or even a few times has uses. Prepending more than a few times is unlikely to accomplish anything a few prepends didn't get done.
Prepending 50, 100, 200+ times is kind of a universal "We have no clue what we're doing and you should reject our routes."
Once upon a time, such long prepends would break certain BGP implementations, causing session resets when a route like this was encountered. Hopefully, that's not a problem anymore, but enough networks likely still block excessive prepends that you shouldn't expect to be able to do this and have your route globally accepted...just like you can't advertise a v4 /25 and expect global reachability if there are no covering aggregate advertisements.
The interesting question here is, "did they really think a few more prepends would get the job done?" or did they misunderstand their router's prepend function, prepend 21299 (thinking they were telling it to prepend their ASN), and that got truncated because the syntax was actually telling it how many times to prepend the local AS? I'm guessing the latter, as they seem to have 254 prepends, and I'm guessing 255 is the max number of instances of their ASN their router is willing to put on an advertised route.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route StackPath, Sr. Neteng | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- AS21299 - 46.42.196.0/24 ASN prepending 255 times Erik Sundberg (Mar 24)
- Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times surfer (Mar 24)
- Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times Erik Sundberg (Mar 24)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Paschal Masha (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Bjørn Mork (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Joe Provo (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Baldur Norddahl (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Jon Lewis (Mar 27)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Baldur Norddahl (Mar 27)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Joe Maimon (Mar 31)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Matthew Petach (Mar 31)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Joe Maimon (Mar 31)
- Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times surfer (Mar 24)
- RE: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Adam Thompson (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Brian Knight via NANOG (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Matthew Petach (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Amir Herzberg (Mar 25)
- Re: DMARC ViolationAS21299 - 46.42.196.0/24 ASN prepending 255 times Matthew Petach (Mar 25)