one of our BGP neighbours is sending incorrect AS-path inside BGP updates. The content is a mixture of private AS nubmers and public ones (including even some owned by other ISPs!).
Does anybody know a way how to "clean up" the received AS-Path?
I know the "neighbor ... remove-private-AS" command but it fails on a private/public mixture.
So it seems I'll have to make some BGP-IGP mutual redistribution :-(
Unless some BGP guru would bring some idea...
Can this neighbor just clean these incorrect AS paths? AS path manipulation, beyond private AS removal, is generally prohibited as it could lead to routing loops.
we asked them to fix several times, but seems like an incompetent provider.
I know such a AS path manipulation would be quite dangerous in the Internet.
But this is a corporate network not advertised to the Internet.
The problem is we are peering with several MPLS providers and one of them sends these incorrect as-paths.
As suggested, you can filter it out or try to remove the as path by doing mutual redistribution but this is only a work around. Another option could be to shop around for a replacement for this SP.
check with them if they are playing with the new 4byte AS number feature.
Using AS numbers of other ISPs is clearly wrong I think this is an unwanted leakage from a lab to the production network.
Deny these paths and send a mail to them so that no one can blame you for propagating incorrect information in the Internet
Hope to help
no this is not a leakage from a lab.
This is an incompetent MPLS provider using AS numbers like 1, 100, etc. in his backbone.
Luckilly, this is a corporate network not connected to the Internet.
I had been thinking about implementing 4byte AS number feature in our network to mask these AS numbers somehow but din't find any useful way.
You will need "AS-Path Regular Expression" to deny the private AS.
Deny thoses Private-AS numbers using BGP regular expression,
Please have a look at the bellow document:
I can't deny the prefixes.
I need to use them.
I'd need to remove the incorrect AS numbers from the AS-path (replace with correct ones possibly) and send to other BGP neighbours.
But I'm afraid this is impossible without BGP-IGP redistribution.
what about summarizing the routes locally on your router with summary-only option ?
if they have different AS paths they shoulg get a new shorter AS path attribute originated in your legitimate AS
otherwise you can use static routes with object tracking (if supported) and red static in BGP
Hope to help