North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
That pesky AS path corruption bug...
Hello all, After observing a recent issue regarding a router that sent corrupted AS path (all names are witheld to protect the guilty). I took a look at the path information that was being received and have a possible solution. Since the corrupted AS-path does not include the AS that the route is coming from (at least in the corruption that I saw) it seems to me that a simple solution for all is to filter on AS i.e. only allow routes that have the AS of your EBGP neighbor prepended to them. I realize this does not cover all cases of wacky AS corruption problems but it may fix some of them. I would suggest that those of you running mixed vendor EBGP (again names witheld) should implement a version of this strategy for your own self protection. It can certainly be implemented as part of an overall customer access functionality. This may be obvious to some of you but I do not believe that everyone is at this level yet. Of course the tirade part of this email is for all vendors involved in this travesty. If you do not understand or dislike a route that you have received don't just CRASH. Anyone ever thought of checking the route and throwing it out with an error message if you don't like it? I, of course, have heard and seen that several vendors have fixed this in the more recent releases. This type of bug is something that everyone who writes software has to deal with. If you raise an exception for bad input it is bad form to crash or reset your application. BTW, I am sure all have heard this argument before. I just wanted to get this topic renewed. Regards, Blaine