North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Bogon list

  • From: David McGaugh
  • Date: Tue Jun 04 20:36:09 2002

It just occurred to me that one could use the extended traceroute on the
back end for a Cisco to tweak the source IP but there again, it would
not be completely effective unless everyone did this.

-Dave

David McGaugh wrote:
> 
> Tweaking our Looking Glass software by itself would not fix the problem
> (ours doesn't have this problem anyway). To fix the problem everyone
> would have to tweak their Looking Glass software since the problem can
> be seen when someone traceroutes from a peer or 3rd party's Looking
> Glass into our customer (in the event they weren't receiving the IXP
> blocks from us).
> 
> One better might be to have the Looking Glass participating routers
> manipulate their source IP address for pings and traceroutes.
> 
> Cisco:
> Router(config)#ip traceroute source-interface ?
> % Unrecognized command
> Hmmm...
> 
> Router(config)#ip ping source-interface ?
> % Unrecognized command
> Hmmm...
> 
> Juniper:
> [edit]
> Router# set system default-address-selection
> Hey that works!
> 
> Is there a way of doing this on a Cisco?
> 
> -Dave
> 
> "Sean M. Doran" wrote:
> >
> > | While on the subject of IXP blocks, we also ended up redistributing the
> > | IXP blocks and sending them to our BGP customers (who do not receive a
> > | default) so that traceroutes and such from Looking Glasses do not break.
> > | They can then choose to filter them as they wish.
> >
> > This is backwards.  Do not break the architecture to fix a broken
> > looking glass (or to work around bad interpretations of real-world
> > traceroute results).   Spend a few minutes scripting your looking
> > glass software so that if it sees a well-known target, or an expected
> > real-world result (1918 addresses that YOU are using, with expected
> > ttl-distance), it returns a "sanitized" result to a naive
> > looking glass user.
> >
> > I wonder if there exists the possibility of a useful (perhaps open source)
> > generalized expert system to interpret traceroute data?
> > "configure; make; make install" is probably even easier than
> > breaking one's filter lists to leak prefixes all over the place.
> >
> >         Sean.  (that was a hint.  you know who you are.)
> 
> --
> ------------------------------------------
>  Dave McGaugh, Internetwork Engineer
>  Electric Lightwave, Inc.
>  E-mail: [email protected]
>  Office: 360.816.3718 | Fax: 360.816.3297
> ------------------------------------------