07-08-2009 02:53 AM - edited 03-04-2019 05:21 AM
Hi,
I wanted to know the following;
1. What is the impact of long BGP ASN prepending to the Internet?
2. Does the line "bgp maxas-limit xx" helps against item 1 or cause more harm?
3. There are 3 occasions that I saw some prepend in the internet hits over 100 which is ridiculous, later disappeared. What causes them? Configuration error? Bugs? IPv6? 4-byte ASN?
Here is a sample, the offending BGP ASN is EEEEE
%BGP-6-ASPATH: Long AS path AAAA BBBB CCCC DDDD EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE EEEEE received from w.x.y.z: More than configured MAXAS-LIMIT
Thanks,
Dandy
Solved! Go to Solution.
07-08-2009 05:35 AM
Hello Dandy,
there was another thread about this issue some time ago.
Just as a follow-up -- and in case anyone hasn't read these yet:
http://www.renesys.com/blog/2009/02/the-flap-heard-around-the-worl.shtml
http://asert.arbornetworks.com/2009/02/ahh-the-ease-of-introducing-global-r
outing-instability/
hope to help
Giuseppe
07-08-2009 05:35 AM
Hello Dandy,
there was another thread about this issue some time ago.
Just as a follow-up -- and in case anyone hasn't read these yet:
http://www.renesys.com/blog/2009/02/the-flap-heard-around-the-worl.shtml
http://asert.arbornetworks.com/2009/02/ahh-the-ease-of-introducing-global-r
outing-instability/
hope to help
Giuseppe
07-08-2009 07:48 AM
Hi Giuseppe,
Many thanks.
I'm the one who post that in February about the two ASN which is also posted in other forums by other network pro, although I'm NOT affected at that time, when it shows up in my log, I quickly block those two ASN and put "bgp maxas-limit 75" for precaution.
This month, I see only one ASN. Coincidentally there are users who experienced slowness accessing internet. I'm guessing that some ISP routers running BGP may have been affected drastically. Funny though, I don't see anybody discussing them or even post it in any forum like the first two.
I have not follow up that post, after posting this and search for my old post, I saw your reply there.
From the link you provided, my question is what is the use of prepending over 200 times and why thus it is allowed by IOS. Shouldn't the IOS be build as to not allow any noob who just got their BGP license yesterday do that?
Check your BGP logs July 01, 2009 @01:30GMT
Thanks,
Dandy
07-08-2009 12:37 PM
I do not see a need for that many times. I know that I have worked with vendors that have a filter set-up to only allow the AS to be pre-pended 5 times, this is their max. There really is no need for more than that. I had a fellow employee set it up 30 times and went to a route views server and started laughing telling me to watch this. He checked the route and was upset to only see the prepending 5 times!
07-09-2009 12:08 AM
Hi,
I'm confused here:
Are you saying your fellow employee prepended his AS number 30 times and the ISP advertised his prefix to the Internet but reduced 30 repeating AS numbers to 5 only?
How could that be done?
So far I understood no such a manipulation would be possible with public AS numbers?
Thanks,
Milan
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide