North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: long as path games?

  • From: Blaine Christian
  • Date: Mon Jan 31 12:58:45 2005

Specifically, they have the ability to tickle a legacy cisco bug with AS
path length.  This bug was supposedly mitigated in code and I believe my
previous company is still filtering AS path length (UUNET) of 100 or
greater. 

A valid AS-Path of greater than 100 has not yet been found (which was why
the filters were in place).





On 1/31/05 8:53 AM, "Jared Mauch" <[email protected]> wrote:

> 
> On Mon, Jan 31, 2005 at 07:19:14AM +0200, Hank Nussbacher wrote:
>> 
>> At 10:23 PM 30-01-05 -0500, Jon Lewis wrote:
>> 
>>> Someone at fido.net having some bgp config issues?
>> 
>> Looks like someone probing for a buffer overflow on a world-wide basis.
>> 
>> -Hank
>> 
>> 
>>> Jan 30 18:34:51 EST: %BGP-6-ASPATH: Long AS path 6461 3356 6770 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282
>>> received from ...
> 
> Router(config-router)#bgp maxas-limit ?
>   <1-2000>  Number of ASes in the AS-PATH attribute
> 
> Router(config-router)#bgp maxas-limit 50
> 
> Easy to fix/reject.
> 
> - jared