NANOG
Threads by month
- ----- 2026 -----
- February
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- 66 participants
- 54528 discussions
Good morning, NANOGers. My colleague at work wonders if anyone has
suggestions for software to database all our fiber plant that we're
constructing. We started out with paper, then Excel spreadsheets in a
folder and on paper in a book, but clearly as our plant grows and we
do more splicing this is not going to scale. We have started a MySQL
database with a few tables, but wonder if someone has already invented
this wheel.
What do the "big boys" use? Homegrown solutions developed in-house and
jealously guarded? Something standard? Expensive or cheap? Free open-
source? He'd like to see...
outside plan facilities: cables, fibers, splice points, poles; copper
and fiber, preferably, but fiber is more important
"circuit" or "DLR" that knows what elements are involved in a circuit
GIS integration so that cables can be drawn on a map automagically
low cost, of course
Thanks in advance, everyone.
-- Jeff Saxe, Network Engineer
Blue Ridge InternetWorks, Charlottesville, VA
434-817-0707 ext. 2024 / JSaxe(a)briworks.com
5
4
I apologize for being somewhat off topic...
I've got a fair amount of SPARC hardware (v210 through v490) and 32bit HP DL360-380 hardware that I'm looking for creative ways to dispose of or to donate.
It seems like a waste to send it to metal scrap, if anyone has a more creative way of disposal please contact me off list. Local to San Francisco.
*disclaimer, contributions cannot go to religious or political organizations per corp policy*
Thanks!
-wil
7
7
One of the affected platforms. I think it has info on IOS patches for it. I
didn't read all of it as I don't have any Cisco products.
---------- Forwarded message ----------
From: Cisco Systems Product Security Incident Response Team <psirt(a)cisco.com
>
Date: Fri, Aug 27, 2010 at 8:00 PM
Subject: Cisco Security Advisory: Cisco IOS XR Software Border Gateway
Protocol Vulnerability
To: nanog(a)merit.edu
Cc: psirt(a)cisco.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS XR Software Border Gateway
Protocol Vulnerability
Advisory ID: cisco-sa-20100827-bgp
Revision 1.0
For Public Release 2010 August 27 2200 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco IOS XR Software contains a vulnerability in the Border Gateway
Protocol (BGP) feature. The vulnerability manifests itself when a BGP
peer announces a prefix with a specific, valid but unrecognized
transitive attribute. On receipt of this prefix, the Cisco IOS XR
device will corrupt the attribute before sending it to the
neighboring devices. Neighboring devices that receive this corrupted
update may reset the BGP peering session.
Affected devices running Cisco IOS XR Software corrupt the
unrecognized attribute before sending to neighboring devices, but
neighboring devices may be running operating systems other than Cisco
IOS XR Software and may still reset the BGP peering session after
receiving the corrupted update. This is per standards defining the
operation of BGP.
Cisco developed a fix that addresses this vulnerability and will be
releasing free software maintenance upgrades (SMU) progressively
starting 28 August 2010. This advisory will be updated accordingly as
fixes become available.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml
Affected Products
=================
This vulnerability affects all Cisco IOS XR Software devices
configured with BGP routing.
Vulnerable Products
+------------------
To determine the Cisco IOS XR Software release that is running on a
Cisco product, administrators can log in to the device and issue the
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS XR Software by
displaying text similar to "Cisco IOS XR Software". The software
version is displayed after the text "Cisco IOS XR Software".
The following example identifies a Cisco CRS-1 that is running Cisco
IOS XR Software Release 3.6.2:
RP/0/RP0/CPU0:CRS#show version
Tue Aug 18 14:25:17.407 AEST
Cisco IOS XR Software, Version 3.6.2[00]
Copyright (c) 2008 by Cisco Systems, Inc.
ROM: System Bootstrap, Version 1.49(20080319:195807) [CRS-1 ROMMON],
CRS uptime is 4 weeks, 4 days, 1 minute
System image file is "disk0:hfr-os-mbi-3.6.2/mbihfr-rp.vm"
cisco CRS-8/S (7457) processor with 4194304K bytes of memory.
7457 processor at 1197Mhz, Revision 1.2
17 Packet over SONET/SDH network interface(s)
1 DWDM controller(s)
17 SONET/SDH Port controller(s)
8 TenGigabitEthernet/IEEE 802.3 interface(s)
2 Ethernet/IEEE 802.3 interface(s)
1019k bytes of non-volatile configuration memory.
38079M bytes of hard disk.
981440k bytes of ATA PCMCIA card at disk 0 (Sector size 512 bytes).
Configuration register on node 0/0/CPU0 is 0x102
Boot device on node 0/0/CPU0 is mem:
!--- output truncated
The following example identifies a Cisco 12404 router that is running
Cisco IOS XR Software Release 3.7.1:
RP/0/0/CPU0:GSR#show version
Cisco IOS XR Software, Version 3.7.1[00]
Copyright (c) 2008 by Cisco Systems, Inc.
ROM: System Bootstrap, Version 12.0(20051020:160303) SOFTWARE
Copyright (c) 1994-2005 by cisco Systems, Inc.
GSR uptime is 3 weeks, 6 days, 3 hours, 20 minutes
System image file is "disk0:c12k-os-mbi-3.7.1/mbiprp-rp.vm"
cisco 12404/PRP (7457) processor with 2097152K bytes of memory.
7457 processor at 1266Mhz, Revision 1.2
1 Cisco 12000 Series Performance Route Processor
1 Cisco 12000 Series - Multi-Service Blade Controller
1 1 Port ISE Packet Over SONET OC-48c/STM-16 Controller (1 POS)
1 Cisco 12000 Series SPA Interface Processor-601/501/401
3 Ethernet/IEEE 802.3 interface(s)
1 SONET/SDH Port controller(s)
1 Packet over SONET/SDH network interface(s)
4 PLIM QoS controller(s)
8 FastEthernet/IEEE 802.3 interface(s)
1016k bytes of non-volatile configuration memory.
1000496k bytes of disk0: (Sector size 512 bytes).
65536k bytes of Flash internal SIMM (Sector size 256k).
Configuration register on node 0/0/CPU0 is 0x2102
Boot device on node 0/0/CPU0 is disk0:
!--- output truncated
Additional information about Cisco IOS XR Software release naming
conventions is available in the "White Paper: Cisco IOS Reference
Guide" at the following link:
http://www.cisco.com/web/about/security/intelligence/ios-ref.html#9
Additional information about Cisco IOS XR Software time-based release
model is available in the "White Paper: Guidelines for Cisco IOS XR
Software" at the following link:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8803/ps5845/product_b…
BGP is configured in Cisco IOS XR Software with the configuration
command "router bgp [AS Number]" or "router bgp [X.Y]". The device is
vulnerable if it is running an affected Cisco IOS XR Software version
and has BGP configured.
The following example shows a Cisco IOS XR Software device configured
with BGP:
RP/0/0/CPU0:GSR#show running-config | begin router bgp
Building configuration...
router bgp 65535
bgp router-id 192.168.0.1
address-family ipv4 unicast
network 192.168.1.1/32
!
address-family vpnv4 unicast
!
neighbor 192.168.2.1
remote-as 65534
update-source Loopback0
address-family ipv4 unicast
!
!--- output truncated
Products Confirmed Not Vulnerable
+--------------------------------
The following Cisco products are confirmed not vulnerable:
* Cisco IOS Software
* Cisco IOS XR Software not configured for BGP routing
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
This vulnerability affects Cisco IOS XR devices running affected
software versions and configured with the BGP routing feature.
The vulnerability manifests itself when a BGP peer announces a prefix
with a specific, valid but unrecognized transitive attribute. On
receipt of this prefix, the Cisco IOS XR device will corrupt the
attribute before sending it to the neighboring devices. Neighboring
devices that receive this corrupted update may reset the BGP peering
session.
Affected devices running Cisco IOS XR Software corrupt the
unrecognized attribute before sending to neighboring devices, but
neighboring devices may be running operating systems other than Cisco
IOS XR Software and may still reset the BGP peering session after
receiving the corrupted update. This is per RFC 4271 that defines the
operation of BGP.
After an affected device running Cisco IOS XR Software sends a
corrupted update, it will receive a notification from the neighboring
router and will create a log message like the following example:
bgp[122]: %ROUTING-BGP-5-ADJCHANGE : neighbor 172.16.1.251 Down - BGP
Notification received: update malformed
This vulnerability is documented in Cisco Bug ID CSCti62211 and has
been assigned Common Vulnerabilities and Exposures (CVE) ID
CVE-2010-3035.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCti62211 - BGP flaps due to unknown attribute
CVSS Base Score - 5
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Partial
CVSS Temporal Score - 4.8
Exploitability - Functional
Remediation Level - Unavailable
Report Confidence - Confirmed
Impact
======
Successful exploitation of these vulnerabilities may result in the
continuous resetting of BGP peering sessions. This may lead to
routing inconsistencies and a denial of service for those affected
networks.
Software Versions and Fixes
===========================
When considering software upgrades, also consult:
http://www.cisco.com/go/psirt
and any subsequent advisories to determine exposure and a complete
upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
+-------------------------------------------------------------------+
| Cisco IOS XR | SMU ID | SMU | Requires |
| Version | | Name | Reload |
|---------------+------------------------------+-------+------------|
| 3.4.0 | Vulnerable; Migrate to 3.4.3 | | |
| | and apply a SMU | | |
|---------------+------------------------------+-------+------------|
| 3.4.1 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.4.2 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.4.3 | SMU will be available on | | |
| | 2010-Sep-5 | | |
|---------------+------------------------------+-------+------------|
| 3.5.2 | SMU will be available on | | |
| | 2010-Sep-5 | | |
|---------------+------------------------------+-------+------------|
| 3.5.3 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.5.4 | SMU will be available on | | |
| | 2010-Sep-5 | | |
|---------------+------------------------------+-------+------------|
| 3.6.0 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.6.1 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.6.2 | SMU will be available on | | |
| | 2010-Aug-30 | | |
|---------------+------------------------------+-------+------------|
| 3.6.3 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.7.0 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.7.1 | SMU will be available on | | |
| | 2010-Sep-1 | | |
|---------------+------------------------------+-------+------------|
| 3.7.2 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.7.3 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.8.0 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.8.1 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.8.2 | SMU will be available on | | |
| | 2010-Aug-30 | | |
|---------------+------------------------------+-------+------------|
| 3.8.3 | SMU will be available on | | |
| | 2010-Sep-1 | | |
|---------------+------------------------------+-------+------------|
| 3.8.4 | SMU will be available on | | |
| | 2010-Aug-28 | | |
|---------------+------------------------------+-------+------------|
| 3.9.0 | SMU will be available on | | |
| | 2010-Sep-1 | | |
|---------------+------------------------------+-------+------------|
| 3.9.1 | SMU will be available on | | |
| | 2010-Aug-28 | | |
+-------------------------------------------------------------------+
Workarounds
===========
There are no workarounds to proactively mitigate this vulnerability.
If a route flap is observed, the prefix with the unrecognized
attribute can be filtered. For further information on filtering on
Cisco IOS XR Software, please consult the document "Implementing
Routing Policy on Cisco IOS XR Software" at the following link:
http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.0/routing/configuration/…
Obtaining Fixed Software
========================
Cisco is releasing free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt(a)cisco.com or security-alert(a)cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at:
http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac(a)cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
An advertisement of an unrecognized but valid BGP attribute resulted
in resetting of several BGP neighbors on 27 August 2010. This
advertisement was not malicious but inadvertently triggered this
vulnerability.
The Cisco PSIRT is not aware of malicious use of the vulnerability
described in this advisory.
Status of this Notice: INTERIM
==============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW
INFORMATION BECOMES AVAILABLE.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce(a)cisco.com
* first-bulletins(a)lists.first.org
* bugtraq(a)securityfocus.com
* vulnwatch(a)vulnwatch.org
* cisco(a)spot.colorado.edu
* cisco-nsp(a)puck.nether.net
* full-disclosure(a)lists.grok.org.uk
* comp.dcom.sys.cisco(a)newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-August-27 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.…
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at:
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
iD8DBQFMeEy786n/Gc8U/uARAqyeAJ9HEbSnJ9yCTiKU6HxbWnuEL1wicQCfRKdZ
kv4pt8GHYDABNcIjbvGHYso=
=mbwY
-----END PGP SIGNATURE-----
--
Byron Grobe
1
0
Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability
by Cisco Systems Product Security Incident Response Team 28 Aug '10
by Cisco Systems Product Security Incident Response Team 28 Aug '10
28 Aug '10
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco IOS XR Software Border Gateway
Protocol Vulnerability
Advisory ID: cisco-sa-20100827-bgp
Revision 1.0
For Public Release 2010 August 27 2200 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco IOS XR Software contains a vulnerability in the Border Gateway
Protocol (BGP) feature. The vulnerability manifests itself when a BGP
peer announces a prefix with a specific, valid but unrecognized
transitive attribute. On receipt of this prefix, the Cisco IOS XR
device will corrupt the attribute before sending it to the
neighboring devices. Neighboring devices that receive this corrupted
update may reset the BGP peering session.
Affected devices running Cisco IOS XR Software corrupt the
unrecognized attribute before sending to neighboring devices, but
neighboring devices may be running operating systems other than Cisco
IOS XR Software and may still reset the BGP peering session after
receiving the corrupted update. This is per standards defining the
operation of BGP.
Cisco developed a fix that addresses this vulnerability and will be
releasing free software maintenance upgrades (SMU) progressively
starting 28 August 2010. This advisory will be updated accordingly as
fixes become available.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml
Affected Products
=================
This vulnerability affects all Cisco IOS XR Software devices
configured with BGP routing.
Vulnerable Products
+------------------
To determine the Cisco IOS XR Software release that is running on a
Cisco product, administrators can log in to the device and issue the
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS XR Software by
displaying text similar to "Cisco IOS XR Software". The software
version is displayed after the text "Cisco IOS XR Software".
The following example identifies a Cisco CRS-1 that is running Cisco
IOS XR Software Release 3.6.2:
RP/0/RP0/CPU0:CRS#show version
Tue Aug 18 14:25:17.407 AEST
Cisco IOS XR Software, Version 3.6.2[00]
Copyright (c) 2008 by Cisco Systems, Inc.
ROM: System Bootstrap, Version 1.49(20080319:195807) [CRS-1 ROMMON],
CRS uptime is 4 weeks, 4 days, 1 minute
System image file is "disk0:hfr-os-mbi-3.6.2/mbihfr-rp.vm"
cisco CRS-8/S (7457) processor with 4194304K bytes of memory.
7457 processor at 1197Mhz, Revision 1.2
17 Packet over SONET/SDH network interface(s)
1 DWDM controller(s)
17 SONET/SDH Port controller(s)
8 TenGigabitEthernet/IEEE 802.3 interface(s)
2 Ethernet/IEEE 802.3 interface(s)
1019k bytes of non-volatile configuration memory.
38079M bytes of hard disk.
981440k bytes of ATA PCMCIA card at disk 0 (Sector size 512 bytes).
Configuration register on node 0/0/CPU0 is 0x102
Boot device on node 0/0/CPU0 is mem:
!--- output truncated
The following example identifies a Cisco 12404 router that is running
Cisco IOS XR Software Release 3.7.1:
RP/0/0/CPU0:GSR#show version
Cisco IOS XR Software, Version 3.7.1[00]
Copyright (c) 2008 by Cisco Systems, Inc.
ROM: System Bootstrap, Version 12.0(20051020:160303) SOFTWARE
Copyright (c) 1994-2005 by cisco Systems, Inc.
GSR uptime is 3 weeks, 6 days, 3 hours, 20 minutes
System image file is "disk0:c12k-os-mbi-3.7.1/mbiprp-rp.vm"
cisco 12404/PRP (7457) processor with 2097152K bytes of memory.
7457 processor at 1266Mhz, Revision 1.2
1 Cisco 12000 Series Performance Route Processor
1 Cisco 12000 Series - Multi-Service Blade Controller
1 1 Port ISE Packet Over SONET OC-48c/STM-16 Controller (1 POS)
1 Cisco 12000 Series SPA Interface Processor-601/501/401
3 Ethernet/IEEE 802.3 interface(s)
1 SONET/SDH Port controller(s)
1 Packet over SONET/SDH network interface(s)
4 PLIM QoS controller(s)
8 FastEthernet/IEEE 802.3 interface(s)
1016k bytes of non-volatile configuration memory.
1000496k bytes of disk0: (Sector size 512 bytes).
65536k bytes of Flash internal SIMM (Sector size 256k).
Configuration register on node 0/0/CPU0 is 0x2102
Boot device on node 0/0/CPU0 is disk0:
!--- output truncated
Additional information about Cisco IOS XR Software release naming
conventions is available in the "White Paper: Cisco IOS Reference
Guide" at the following link:
http://www.cisco.com/web/about/security/intelligence/ios-ref.html#9
Additional information about Cisco IOS XR Software time-based release
model is available in the "White Paper: Guidelines for Cisco IOS XR
Software" at the following link:
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8803/ps5845/product_b…
BGP is configured in Cisco IOS XR Software with the configuration
command "router bgp [AS Number]" or "router bgp [X.Y]". The device is
vulnerable if it is running an affected Cisco IOS XR Software version
and has BGP configured.
The following example shows a Cisco IOS XR Software device configured
with BGP:
RP/0/0/CPU0:GSR#show running-config | begin router bgp
Building configuration...
router bgp 65535
bgp router-id 192.168.0.1
address-family ipv4 unicast
network 192.168.1.1/32
!
address-family vpnv4 unicast
!
neighbor 192.168.2.1
remote-as 65534
update-source Loopback0
address-family ipv4 unicast
!
!--- output truncated
Products Confirmed Not Vulnerable
+--------------------------------
The following Cisco products are confirmed not vulnerable:
* Cisco IOS Software
* Cisco IOS XR Software not configured for BGP routing
No other Cisco products are currently known to be affected by these
vulnerabilities.
Details
=======
This vulnerability affects Cisco IOS XR devices running affected
software versions and configured with the BGP routing feature.
The vulnerability manifests itself when a BGP peer announces a prefix
with a specific, valid but unrecognized transitive attribute. On
receipt of this prefix, the Cisco IOS XR device will corrupt the
attribute before sending it to the neighboring devices. Neighboring
devices that receive this corrupted update may reset the BGP peering
session.
Affected devices running Cisco IOS XR Software corrupt the
unrecognized attribute before sending to neighboring devices, but
neighboring devices may be running operating systems other than Cisco
IOS XR Software and may still reset the BGP peering session after
receiving the corrupted update. This is per RFC 4271 that defines the
operation of BGP.
After an affected device running Cisco IOS XR Software sends a
corrupted update, it will receive a notification from the neighboring
router and will create a log message like the following example:
bgp[122]: %ROUTING-BGP-5-ADJCHANGE : neighbor 172.16.1.251 Down - BGP Notification received: update malformed
This vulnerability is documented in Cisco Bug ID CSCti62211 and has
been assigned Common Vulnerabilities and Exposures (CVE) ID
CVE-2010-3035.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
CSCti62211 - BGP flaps due to unknown attribute
CVSS Base Score - 5
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Partial
CVSS Temporal Score - 4.8
Exploitability - Functional
Remediation Level - Unavailable
Report Confidence - Confirmed
Impact
======
Successful exploitation of these vulnerabilities may result in the
continuous resetting of BGP peering sessions. This may lead to
routing inconsistencies and a denial of service for those affected
networks.
Software Versions and Fixes
===========================
When considering software upgrades, also consult:
http://www.cisco.com/go/psirt
and any subsequent advisories to determine exposure and a complete
upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
+-------------------------------------------------------------------+
| Cisco IOS XR | SMU ID | SMU | Requires |
| Version | | Name | Reload |
|---------------+------------------------------+-------+------------|
| 3.4.0 | Vulnerable; Migrate to 3.4.3 | | |
| | and apply a SMU | | |
|---------------+------------------------------+-------+------------|
| 3.4.1 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.4.2 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.4.3 | SMU will be available on | | |
| | 2010-Sep-5 | | |
|---------------+------------------------------+-------+------------|
| 3.5.2 | SMU will be available on | | |
| | 2010-Sep-5 | | |
|---------------+------------------------------+-------+------------|
| 3.5.3 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.5.4 | SMU will be available on | | |
| | 2010-Sep-5 | | |
|---------------+------------------------------+-------+------------|
| 3.6.0 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.6.1 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.6.2 | SMU will be available on | | |
| | 2010-Aug-30 | | |
|---------------+------------------------------+-------+------------|
| 3.6.3 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.7.0 | SMU will be available on | | |
| | 2010-Sep-9 | | |
|---------------+------------------------------+-------+------------|
| 3.7.1 | SMU will be available on | | |
| | 2010-Sep-1 | | |
|---------------+------------------------------+-------+------------|
| 3.7.2 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.7.3 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.8.0 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.8.1 | SMU will be available on | | |
| | 2010-Sep-3 | | |
|---------------+------------------------------+-------+------------|
| 3.8.2 | SMU will be available on | | |
| | 2010-Aug-30 | | |
|---------------+------------------------------+-------+------------|
| 3.8.3 | SMU will be available on | | |
| | 2010-Sep-1 | | |
|---------------+------------------------------+-------+------------|
| 3.8.4 | SMU will be available on | | |
| | 2010-Aug-28 | | |
|---------------+------------------------------+-------+------------|
| 3.9.0 | SMU will be available on | | |
| | 2010-Sep-1 | | |
|---------------+------------------------------+-------+------------|
| 3.9.1 | SMU will be available on | | |
| | 2010-Aug-28 | | |
+-------------------------------------------------------------------+
Workarounds
===========
There are no workarounds to proactively mitigate this vulnerability.
If a route flap is observed, the prefix with the unrecognized
attribute can be filtered. For further information on filtering on
Cisco IOS XR Software, please consult the document "Implementing
Routing Policy on Cisco IOS XR Software" at the following link:
http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.0/routing/configuration/…
Obtaining Fixed Software
========================
Cisco is releasing free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets
they have purchased. By installing, downloading, accessing or
otherwise using such software upgrades, customers agree to be bound
by the terms of Cisco's software license terms found at:
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
or as otherwise set forth at Cisco.com Downloads at:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt(a)cisco.com or security-alert(a)cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at:
http://www.cisco.com
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac(a)cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
An advertisement of an unrecognized but valid BGP attribute resulted
in resetting of several BGP neighbors on 27 August 2010. This
advertisement was not malicious but inadvertently triggered this
vulnerability.
The Cisco PSIRT is not aware of malicious use of the vulnerability
described in this advisory.
Status of this Notice: INTERIM
==============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW
INFORMATION BECOMES AVAILABLE.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20100827-bgp.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce(a)cisco.com
* first-bulletins(a)lists.first.org
* bugtraq(a)securityfocus.com
* vulnwatch(a)vulnwatch.org
* cisco(a)spot.colorado.edu
* cisco-nsp(a)puck.nether.net
* full-disclosure(a)lists.grok.org.uk
* comp.dcom.sys.cisco(a)newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+---------------------------------------+
| Revision | | Initial |
| 1.0 | 2010-August-27 | public |
| | | release |
+---------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities in Cisco
products, obtaining assistance with security incidents, and
registering to receive security information from Cisco, is available
on Cisco's worldwide website at:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.…
This includes instructions for press inquiries regarding Cisco
security notices. All Cisco security advisories are available at:
http://www.cisco.com/go/psirt
-----BEGIN PGP SIGNATURE-----
iD8DBQFMeEy786n/Gc8U/uARAqyeAJ9HEbSnJ9yCTiKU6HxbWnuEL1wicQCfRKdZ
kv4pt8GHYDABNcIjbvGHYso=
=mbwY
-----END PGP SIGNATURE-----
1
0
BGP Update Report
Interval: 19-Aug-10 -to- 26-Aug-10 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS5416 63690 4.3% 513.6 -- BATELCO-BH
2 - AS3464 25712 1.7% 1836.6 -- ASC-NET - Alabama Supercomputer Network
3 - AS32528 18622 1.3% 4655.5 -- ABBOTT Abbot Labs
4 - AS28573 17201 1.2% 16.8 -- NET Servicos de Comunicao S.A.
5 - AS35931 14837 1.0% 2472.8 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC
6 - AS5536 14735 1.0% 136.4 -- Internet-Egypt
7 - AS16814 14708 1.0% 21.6 -- NSS S.A.
8 - AS9829 12047 0.8% 51.7 -- BSNL-NIB National Internet Backbone
9 - AS7552 11561 0.8% 13.3 -- VIETEL-AS-AP Vietel Corporation
10 - AS11351 11536 0.8% 36.0 -- RR-NYSREGION-ASN-01 - Road Runner HoldCo LLC
11 - AS13880 11319 0.8% 1617.0 -- ACI-AS - american century investments
12 - AS5800 11102 0.8% 59.1 -- DNIC-ASBLK-05800-06055 - DoD Network Information Center
13 - AS8151 10794 0.7% 15.2 -- Uninet S.A. de C.V.
14 - AS35567 10169 0.7% 95.9 -- DASTO-BOSNIA-AS DASTO semtel d.o.o.
15 - AS10474 9991 0.7% 525.8 -- NETACTIVE
16 - AS14420 9788 0.7% 17.7 -- CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP
17 - AS45464 8824 0.6% 245.1 -- NEXTWEB-AS-AP Room 201, TGU Bldg
18 - AS21017 7692 0.5% 769.2 -- VSI-AS VSI AS
19 - AS34984 7533 0.5% 26.3 -- TELLCOM-AS Tellcom Iletisim Hizmetleri
20 - AS3816 7497 0.5% 28.4 -- COLOMBIA TELECOMUNICACIONES S.A. ESP
TOP 20 Unstable Origin AS (Updates per announced prefix)
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS32528 18622 1.3% 4655.5 -- ABBOTT Abbot Labs
2 - AS35931 14837 1.0% 2472.8 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC
3 - AS3464 25712 1.7% 1836.6 -- ASC-NET - Alabama Supercomputer Network
4 - AS13880 11319 0.8% 1617.0 -- ACI-AS - american century investments
5 - AS53532 1270 0.1% 1270.0 -- KINGMETALS - King Architectural Metals
6 - AS48565 926 0.1% 926.0 -- POCZTAPOLSKA-AS Poczta Polska Spolka Akcyjna
7 - AS27027 882 0.1% 882.0 -- ANBELL ASN-ANBELL
8 - AS21017 7692 0.5% 769.2 -- VSI-AS VSI AS
9 - AS11613 710 0.1% 710.0 -- U-SAVE - U-Save Auto Rental of America, Inc.
10 - AS45542 1401 0.1% 700.5 -- VNU-AS-VN VietNam National University Ha Noi
11 - AS50010 1980 0.1% 660.0 -- NAWRAS-AS Omani Qatari Telecommunications Company SAOC
12 - AS10474 9991 0.7% 525.8 -- NETACTIVE
13 - AS5416 63690 4.3% 513.6 -- BATELCO-BH
14 - AS16861 460 0.0% 460.0 -- REVELEX - Revelex.com
15 - AS16718 4511 0.3% 451.1 -- EMBARQ-HMBL - Embarq Corporation
16 - AS15984 439 0.0% 439.0 -- The Joint-Stock Commercial Bank CentroCredit.
17 - AS49493 423 0.0% 423.0 -- SVT-AS SVT-Proveedor de Servicios de Internet
18 - AS20817 423 0.0% 423.0 -- DELTANET-AS Deltanet Autonomous System
19 - AS22580 370 0.0% 370.0 -- GUARD - GUARD INSURANCE GROUP
20 - AS43055 1793 0.1% 358.6 -- KATRINA-AS CJSC Katrina
TOP 20 Unstable Prefixes
Rank Prefix Upds % Origin AS -- AS Name
1 - 129.66.128.0/17 12834 0.8% AS3464 -- ASC-NET - Alabama Supercomputer Network
2 - 129.66.0.0/17 12825 0.8% AS3464 -- ASC-NET - Alabama Supercomputer Network
3 - 196.2.16.0/24 9859 0.6% AS10474 -- NETACTIVE
4 - 130.36.34.0/24 9262 0.6% AS32528 -- ABBOTT Abbot Labs
5 - 130.36.35.0/24 9262 0.6% AS32528 -- ABBOTT Abbot Labs
6 - 63.211.68.0/22 8599 0.6% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC
7 - 148.204.141.0/24 6213 0.4% AS8151 -- Uninet S.A. de C.V.
8 - 198.140.43.0/24 6188 0.4% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC
9 - 190.65.228.0/22 5779 0.4% AS3816 -- COLOMBIA TELECOMUNICACIONES S.A. ESP
10 - 216.126.136.0/22 4947 0.3% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc.
11 - 84.255.152.0/24 4090 0.3% AS5416 -- BATELCO-BH
12 - 84.255.146.0/24 4082 0.3% AS5416 -- BATELCO-BH
13 - 84.255.145.0/24 4082 0.3% AS5416 -- BATELCO-BH
14 - 84.255.147.0/24 4082 0.3% AS5416 -- BATELCO-BH
15 - 95.32.128.0/18 3851 0.2% AS21017 -- VSI-AS VSI AS
16 - 95.32.192.0/18 3659 0.2% AS21017 -- VSI-AS VSI AS
17 - 206.184.16.0/24 3066 0.2% AS174 -- COGENT Cogent/PSI
18 - 77.69.143.0/24 2932 0.2% AS5416 -- BATELCO-BH
19 - 77.69.190.0/24 2932 0.2% AS5416 -- BATELCO-BH
20 - 77.69.142.0/24 2932 0.2% AS5416 -- BATELCO-BH
Details at http://bgpupdates.potaroo.net
------------------------------------
Copies of this report are mailed to:
nanog(a)merit.edu
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
This report has been generated at Fri Aug 27 21:12:04 2010 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date Prefixes CIDR Agg
20-08-10 333340 205848
21-08-10 332999 206105
22-08-10 333406 206219
23-08-10 333522 206203
24-08-10 333578 206571
25-08-10 333874 206667
26-08-10 333708 206713
27-08-10 333965 206728
AS Summary
35248 Number of ASes in routing system
14995 Number of ASes announcing only one prefix
4451 Largest number of prefixes announced by an AS
AS4323 : TWTC - tw telecom holdings, inc.
97263040 Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 27Aug10 ---
ASnum NetsNow NetsAggr NetGain % Gain Description
Table 334389 206722 127667 38.2% All ASes
AS6389 3843 282 3561 92.7% BELLSOUTH-NET-BLK -
BellSouth.net Inc.
AS4323 4451 1872 2579 57.9% TWTC - tw telecom holdings,
inc.
AS19262 1802 276 1526 84.7% VZGNI-TRANSIT - Verizon Online
LLC
AS4766 1866 512 1354 72.6% KIXS-AS-KR Korea Telecom
AS22773 1180 66 1114 94.4% ASN-CXA-ALL-CCI-22773-RDC -
Cox Communications Inc.
AS4755 1482 431 1051 70.9% TATACOMM-AS TATA
Communications formerly VSNL
is Leading ISP
AS5668 1131 89 1042 92.1% AS-5668 - CenturyTel Internet
Holdings, Inc.
AS17488 1342 302 1040 77.5% HATHWAY-NET-AP Hathway IP Over
Cable Internet
AS18566 1087 63 1024 94.2% COVAD - Covad Communications
Co.
AS6478 1308 372 936 71.6% ATT-INTERNET3 - AT&T WorldNet
Services
AS8151 1526 635 891 58.4% Uninet S.A. de C.V.
AS1785 1791 960 831 46.4% AS-PAETEC-NET - PaeTec
Communications, Inc.
AS10620 1102 290 812 73.7% Telmex Colombia S.A.
AS8452 1147 425 722 62.9% TEDATA TEDATA
AS7545 1407 721 686 48.8% TPG-INTERNET-AP TPG Internet
Pty Ltd
AS7303 791 115 676 85.5% Telecom Argentina S.A.
AS4808 917 290 627 68.4% CHINA169-BJ CNCGROUP IP
network China169 Beijing
Province Network
AS13343 977 357 620 63.5% SCRR-13343 - Road Runner
HoldCo LLC
AS4804 678 73 605 89.2% MPX-AS Microplex PTY LTD
AS7552 654 114 540 82.6% VIETEL-AS-AP Vietel
Corporation
AS17676 605 77 528 87.3% GIGAINFRA Softbank BB Corp.
AS4780 685 161 524 76.5% SEEDNET Digital United Inc.
AS7018 1470 953 517 35.2% ATT-INTERNET4 - AT&T WorldNet
Services
AS7011 1136 659 477 42.0% FRONTIER-AND-CITIZENS -
Frontier Communications of
America, Inc.
AS24560 1002 525 477 47.6% AIRTELBROADBAND-AS-AP Bharti
Airtel Ltd., Telemedia
Services
AS14420 553 78 475 85.9% CORPORACION NACIONAL DE
TELECOMUNICACIONES - CNT EP
AS22047 551 78 473 85.8% VTR BANDA ANCHA S.A.
AS3356 1145 675 470 41.0% LEVEL3 Level 3 Communications
AS28573 1025 566 459 44.8% NET Servicos de Comunicao S.A.
AS36992 661 211 450 68.1% ETISALAT-MISR
Total 39315 12228 27087 68.9% Top 30 total
Possible Bogus Routes
31.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
31.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
31.1.24.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
41.222.79.0/24 AS36938 AMSCOTELECOMS Amsco Telecommunications Nigeria Limited
41.223.92.0/22 AS36936 CELTEL-GABON Celtel Gabon Internet Service
41.223.189.0/24 AS6453 GLOBEINTERNET TATA Communications
41.223.196.0/24 AS36990
41.223.197.0/24 AS36990
41.223.198.0/24 AS36990
41.223.199.0/24 AS36990
46.44.128.0/18 AS28685 ASN-ROUTIT Routit BV EDE The Netherlands
49.0.0.0/8 AS38639 HANABI NTT Communications Corporation
62.61.220.0/24 AS24974 TACHYON-EU Tachyon Europe BV
62.61.221.0/24 AS24974 TACHYON-EU Tachyon Europe BV
64.20.80.0/20 AS40028 SPD-NETWORK-1 - SPD NETWORK
64.21.192.0/20 AS11610 INETNEBR-1 - Internet Nebraska Corporation
64.21.212.0/22 AS11610 INETNEBR-1 - Internet Nebraska Corporation
64.21.216.0/21 AS11610 INETNEBR-1 - Internet Nebraska Corporation
64.82.128.0/19 AS16617 COMMUNITYISP - CISP
64.82.160.0/19 AS16617 COMMUNITYISP - CISP
66.180.239.0/24 AS35888 VIGNETTE - VIGNETTE CORPORATION
66.206.32.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.33.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.34.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.35.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board
66.206.47.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
66.207.32.0/20 AS23011
66.230.240.0/20 AS27286
66.245.176.0/20 AS19318 NJIIX-AS-1 - NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC
69.6.80.0/24 AS13442
69.6.81.0/24 AS13442
71.19.134.0/23 AS3313 INET-AS I.NET S.p.A.
71.19.160.0/23 AS4648 NZIX-2 Netgate
72.22.32.0/19 AS33150
72.22.61.0/24 AS33150
72.22.62.0/24 AS33150
76.77.32.0/19 AS2828 XO-AS15 - XO Communications
80.88.10.0/24 AS33774 DJAWEB
80.88.12.0/24 AS33779 wataniya-telecom-as
101.0.0.0/8 AS38639 HANABI NTT Communications Corporation
110.34.44.0/22 AS12653 COMTONET KB Impuls Hellas
110.173.64.0/19 AS37963 CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd.
116.68.136.0/21 AS28045 Pantel Communications
117.120.56.0/21 AS4755 TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
121.46.0.0/16 AS4134 CHINANET-BACKBONE No.31,Jin-rong Street
121.50.168.0/21 AS9931 CAT-AP The Communication Authoity of Thailand, CAT
158.222.70.0/23 AS6137 SISNA - SISNA, Inc.
158.222.72.0/23 AS6137 SISNA - SISNA, Inc.
158.222.224.0/20 AS19864 O1COMM - O1 COMMUNICATIONS
158.222.224.0/22 AS19864 O1COMM - O1 COMMUNICATIONS
158.222.229.0/24 AS19864 O1COMM - O1 COMMUNICATIONS
176.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
176.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
176.1.24.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
177.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
177.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
177.1.8.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
181.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
181.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
181.1.8.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
190.102.32.0/20 AS30058 ACTIVO-SYSTEMS-AS30058 ACTIVO-SYSTEMS-AS30058
190.104.32.0/21 AS27882 Telefónica Celular de Bolivia S.A.
192.9.0.0/16 AS11479 BRM-SUN-AS - Sun Microsystems, Inc
192.64.85.0/24 AS1759 TSF-IP-CORE TeliaSonera Finland IP Network
192.69.108.0/24 AS1759 TSF-IP-CORE TeliaSonera Finland IP Network
192.101.46.0/24 AS6503 Axtel, S.A.B. de C. V.
192.101.64.0/21 AS702 AS702 Verizon Business EMEA - Commercial IP service provider in Europe
192.101.70.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
192.101.71.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
192.101.72.0/24 AS702 AS702 Verizon Business EMEA - Commercial IP service provider in Europe
192.101.74.0/24 AS1239 SPRINTLINK - Sprint
192.124.252.0/22 AS680 DFN-IP service X-WiN
192.131.233.0/24 AS6389 BELLSOUTH-NET-BLK - BellSouth.net Inc.
192.154.32.0/19 AS81 NCREN - MCNC
192.154.64.0/19 AS81 NCREN - MCNC
192.188.208.0/20 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center
196.2.224.0/22 AS24863 LINKdotNET-AS
196.6.108.0/24 AS5713 SAIX-NET
196.13.201.0/24 AS2018 TENET-1
196.13.202.0/24 AS2018 TENET-1
196.13.203.0/24 AS2018 TENET-1
196.13.204.0/24 AS2018 TENET-1
196.110.105.0/24 AS8513 SKYVISION SkyVision Network Services
196.201.248.0/24 AS30991 SAHANNET Sahannet AS Network
196.201.249.0/24 AS30991 SAHANNET Sahannet AS Network
196.201.250.0/24 AS30991 SAHANNET Sahannet AS Network
196.201.251.0/24 AS30991 SAHANNET Sahannet AS Network
196.201.253.0/24 AS30991 SAHANNET Sahannet AS Network
196.201.255.0/24 AS30991 SAHANNET Sahannet AS Network
196.202.224.0/21 AS8818 TELE Greenland Autonomous System
198.1.2.0/24 AS4761 INDOSAT-INP-AP INDOSAT Internet Network Provider
198.23.26.0/24 AS4390 BELLATLANTIC-COM - Bell Atlantic, Inc.
198.51.100.0/24 AS16953 ASCENT-MEDIA-GROUP-LLC - Ascent Media Group, LLC
198.73.210.0/24 AS21570 ACI-1 - Accelerated Connections Inc.
198.74.38.0/24 AS16966 SBCIDC-LSAN03 - AT&T Internet Services
198.74.39.0/24 AS16966 SBCIDC-LSAN03 - AT&T Internet Services
198.74.40.0/24 AS16966 SBCIDC-LSAN03 - AT&T Internet Services
198.97.72.0/21 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center
198.97.96.0/19 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center
198.97.240.0/20 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center
198.99.241.0/24 AS11797 AC-NIELSEN-AS AC NIELSEN
198.135.236.0/24 AS4358 XNET - XNet Information Systems, Inc.
198.161.87.0/24 AS6539 GT-BELL - Bell Canada
198.163.214.0/24 AS21804 ACCESS-SK - Access Communications Co-operative Limited
198.167.0.0/16 AS7456 INTERHOP - Interhop Network SERVICES Inc.
198.168.0.0/16 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
198.169.0.0/16 AS803 SASKTEL - Saskatchewan Telecommunications
198.180.198.0/24 AS23715 SEOUL-INTGW-GXS-AP Global Exchange Services
198.182.235.0/24 AS3356 LEVEL3 Level 3 Communications
199.10.0.0/16 AS721 DNIC-ASBLK-00721-00726 - DoD Network Information Center
199.16.32.0/19 AS6389 BELLSOUTH-NET-BLK - BellSouth.net Inc.
199.121.0.0/16 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center
199.123.16.0/20 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center
199.185.130.0/23 AS19662 UNISERVE-ONLINE - Uniserve On Line
199.202.0.0/16 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
199.202.216.0/21 AS577 BACOM - Bell Canada
199.233.92.0/24 AS26896 D102-ITC - Data 102, LLC
199.246.116.0/24 AS813 UUNET-CANADA - MCI Communications Services, Inc. d/b/a Verizon Business
200.24.73.0/24 AS26061 Equant Colombia
200.24.78.0/26 AS3549 GBLX Global Crossing Ltd.
200.24.78.64/26 AS3549 GBLX Global Crossing Ltd.
202.9.55.0/24 AS2764 AAPT AAPT Limited
202.9.57.0/24 AS2764 AAPT AAPT Limited
202.38.63.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.58.113.0/24 AS19161
202.61.75.0/24 AS9927 PHILCOMNET-PH A Multihomed ISP Company
202.66.128.0/18 AS9584 GENESIS-AP Diyixian.com Limited
202.66.160.0/19 AS9584 GENESIS-AP Diyixian.com Limited
202.66.160.0/20 AS9584 GENESIS-AP Diyixian.com Limited
202.66.176.0/20 AS9584 GENESIS-AP Diyixian.com Limited
202.66.184.0/24 AS9584 GENESIS-AP Diyixian.com Limited
202.66.186.0/24 AS9584 GENESIS-AP Diyixian.com Limited
202.66.188.0/24 AS9584 GENESIS-AP Diyixian.com Limited
202.66.189.0/24 AS9584 GENESIS-AP Diyixian.com Limited
202.66.190.0/24 AS9584 GENESIS-AP Diyixian.com Limited
202.73.144.0/20 AS4788 TMNET-AS-AP TM Net, Internet Service Provider
202.80.192.0/20 AS2706 PI-HK Pacnet Internet (Hong Kong) Limited
202.86.252.0/22 AS4748 RESOLINK-AS-AP Resources Link Network Limited
202.86.252.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications
202.86.253.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications
202.86.254.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications
202.86.255.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications
202.94.1.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.133.37.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.133.70.0/24 AS38616 WORLDCALL-AS-KHI Worldcall Telecom Limited
202.133.73.0/24 AS38616 WORLDCALL-AS-KHI Worldcall Telecom Limited
202.136.254.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.136.255.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.150.227.0/24 AS17727 NAPINFO-AS-AP PT. NAP Info Lintas Nusa
202.174.70.0/24 AS21175 WIS WIS S.A. : WIND International Services
202.174.125.0/24 AS9498 BBIL-AP BHARTI Airtel Ltd.
202.176.1.0/24 AS9942 COMINDICO-AP SOUL Converged Communications Australia
202.179.130.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.179.131.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.179.133.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.179.134.0/24 AS23966 LDN-AS-PK LINKdotNET Telecom Limited
202.179.144.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.179.149.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.179.150.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.181.32.0/24 AS4645 ASN-HKNET-AP HKNet Co. Ltd
203.12.45.0/24 AS4854 NETSPACE-AS-AP Netspace Online Systems
203.62.0.0/17 AS7575 AARNET-AS-AP Australian Academic and Reasearch Network (AARNet)
203.78.48.0/20 AS9299 IPG-AS-AP Philippine Long Distance Telephone Company
203.80.136.0/21 AS4759 EVOSERVE-AS-AP EvoServe is a content and online access Internet provider company
203.112.111.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.113.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.114.0/24 AS4802 ASN-IINET iiNet Limited
203.112.116.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.117.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.118.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.119.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.120.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.121.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.112.127.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd
203.128.128.0/24 AS23849 CNNIC-NET263-AP Beijing Capital-online science development Co.,Ltd.
203.142.219.0/24 AS45149
204.9.216.0/23 AS6389 BELLSOUTH-NET-BLK - BellSouth.net Inc.
204.10.232.0/21 AS33150
204.19.14.0/23 AS577 BACOM - Bell Canada
204.28.104.0/21 AS25973 MZIMA - Mzima Networks, Inc.
204.197.0.0/16 AS3356 LEVEL3 Level 3 Communications
204.209.114.0/24 AS13768 PEER1 - Peer 1 Network Inc.
204.238.70.0/24 AS36826
205.150.0.0/15 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
205.189.134.0/24 AS11814 DISTRIBUTEL-AS11814 - DISTRIBUTEL COMMUNICATIONS LTD.
205.196.24.0/22 AS33724 BIZNESSHOSTING - VOLICO
205.210.145.0/24 AS11814 DISTRIBUTEL-AS11814 - DISTRIBUTEL COMMUNICATIONS LTD.
206.72.192.0/23 AS27375 IDS-TELECOM - IDS Telecom
206.72.194.0/23 AS27375 IDS-TELECOM - IDS Telecom
206.72.196.0/23 AS7018 ATT-INTERNET4 - AT&T WorldNet Services
206.72.208.0/24 AS16526 BIRCH-TELECOM - Birch Telecom, Inc.
206.72.209.0/24 AS16526 BIRCH-TELECOM - Birch Telecom, Inc.
206.123.129.0/24 AS10790 INREACH-AS - InReach Internet
206.180.240.0/20 AS12083 KNOLOGY-NET - Knology Holdings
206.197.184.0/24 AS23304 DATOTEL-STL-AS - Datotel LLC, a NetLabs LLC Company
207.174.131.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.132.0/23 AS26116 INDRA - Indra's Net Inc.
207.174.152.0/23 AS26116 INDRA - Indra's Net Inc.
207.174.154.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.155.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.188.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.189.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.190.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.191.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.200.0/24 AS22658 EARTHNET - Earthnet, Inc.
207.174.248.0/21 AS6653 PRIVATEI - privateI, LLC
207.231.96.0/19 AS11194 NUNETPA - NuNet Inc.
208.73.4.0/22 AS27630 PREMIER - Premier Innovations, LLC
208.78.164.0/24 AS16565
208.78.165.0/24 AS16565
208.78.167.0/24 AS16565
208.84.76.0/22 AS18561
208.92.196.0/22 AS10929 NETELLIGENT - Netelligent Hosting Services Inc.
208.92.199.0/24 AS26198 3MENATWORK - 3Men@Work Integrated Networks, Inc.
209.54.123.0/24 AS6062 NETPLEX - NETPLEX
209.105.224.0/19 AS20074
209.165.239.0/24 AS209 ASN-QWEST - Qwest Communications Company, LLC
209.213.0.0/20 AS33005 ELTOPIA - Eltopia.com, LLC
209.213.1.0/24 AS7849 CROCKERCOM - CROCKER COMMUNICATIONS
209.213.4.0/24 AS7849 CROCKERCOM - CROCKER COMMUNICATIONS
210.5.128.0/20 AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone
210.56.150.0/23 AS38138 INTECH-TRANSIT-BD InTech Online Limited, INTERNET SERVICE LIMITED
210.247.224.0/19 AS7496 WEBCENTRAL-AS WebCentral
216.21.196.0/24 AS12251 INVISION - Invision.com, Inc.
216.21.201.0/24 AS12251 INVISION - Invision.com, Inc.
216.21.202.0/24 AS12251 INVISION - Invision.com, Inc.
216.21.206.0/23 AS12251 INVISION - Invision.com, Inc.
216.58.192.0/24 AS22702 X5SOLUTIONS - X5 Solutions, Inc.
216.58.197.0/24 AS22702 X5SOLUTIONS - X5 Solutions, Inc.
216.58.200.0/24 AS18530 ISOMEDIA-1 - Isomedia Inc.
216.172.198.0/24 AS22773 ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.
216.172.199.0/24 AS22773 ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.
216.250.112.0/20 AS7296 ALCHEMYNET - Alchemy Communications, Inc.
216.250.116.0/24 AS36066 UNI-MARKETING-ALLIANCE - Webhost4life.com
Please see http://www.cidr-report.org for the full report
------------------------------------
Copies of this report are mailed to:
nanog(a)merit.edu
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
Marshall Eubanks <tme(a)americafree.tv> wrote:
> A _really_ intelligent airline scheduling system would (IMHO) be
> able to offer you options like
>
> "there is a direct flight Pittsburgh -> Kansas City, and from there it
> is a 2 hour drive to Columbia, so that will save you 5 hours travel time"
That's not an airline scheduling system.
That's a travel scheduling system. Different beast.
> Regards
> Marshall
--Johnny
1
0
sorry for the off topic post - but since a few of us travel about some...
http://www.hipmunk.com/
--bill
12
13
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
CaribNOG and the RIPE Routing Working Group.
Daily listings are sent to bgp-stats(a)lists.apnic.net
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith <pfs(a)cisco.com>.
Routing Table Report 04:00 +10GMT Sat 28 Aug, 2010
Report Website: http://thyme.apnic.net
Detailed Analysis: http://thyme.apnic.net/current/
Analysis Summary
----------------
BGP routing table entries examined: 329510
Prefixes after maximum aggregation: 151625
Deaggregation factor: 2.17
Unique aggregates announced to Internet: 161906
Total ASes present in the Internet Routing Table: 34686
Prefixes per ASN: 9.50
Origin-only ASes present in the Internet Routing Table: 30086
Origin ASes announcing only one prefix: 14608
Transit ASes present in the Internet Routing Table: 4600
Transit-only ASes present in the Internet Routing Table: 106
Average AS path length visible in the Internet Routing Table: 3.6
Max AS path length visible: 24
Max AS path prepend of ASN (41664) 21
Prefixes from unregistered ASNs in the Routing Table: 1590
Unregistered ASNs in the Routing Table: 797
Number of 32-bit ASNs allocated by the RIRs: 748
Prefixes from 32-bit ASNs in the Routing Table: 962
Special use prefixes present in the Routing Table: 0
Prefixes being announced from unallocated address space: 170
Number of addresses announced to Internet: 2293803456
Equivalent to 136 /8s, 184 /16s and 169 /24s
Percentage of available address space announced: 61.9
Percentage of allocated address space announced: 66.1
Percentage of available address space allocated: 93.7
Percentage of address space in use by end-sites: 84.5
Total number of prefixes smaller than registry allocations: 156020
APNIC Region Analysis Summary
-----------------------------
Prefixes being announced by APNIC Region ASes: 80080
Total APNIC prefixes after maximum aggregation: 27494
APNIC Deaggregation factor: 2.91
Prefixes being announced from the APNIC address blocks: 77020
Unique aggregates announced from the APNIC address blocks: 33981
APNIC Region origin ASes present in the Internet Routing Table: 4178
APNIC Prefixes per ASN: 18.43
APNIC Region origin ASes announcing only one prefix: 1167
APNIC Region transit ASes present in the Internet Routing Table: 640
Average APNIC Region AS path length visible: 3.7
Max APNIC Region AS path length visible: 15
Number of APNIC addresses announced to Internet: 541736480
Equivalent to 32 /8s, 74 /16s and 62 /24s
Percentage of available APNIC address space announced: 76.9
APNIC AS Blocks 4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079
55296-56319, 131072-132095
APNIC Address Blocks 1/8, 14/8, 27/8, 43/8, 49/8, 58/8, 59/8,
60/8, 61/8, 101/8, 110/8, 111/8, 112/8, 113/8,
114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8,
121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8,
175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8,
211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8,
ARIN Region Analysis Summary
----------------------------
Prefixes being announced by ARIN Region ASes: 135692
Total ARIN prefixes after maximum aggregation: 69900
ARIN Deaggregation factor: 1.94
Prefixes being announced from the ARIN address blocks: 108438
Unique aggregates announced from the ARIN address blocks: 42670
ARIN Region origin ASes present in the Internet Routing Table: 13878
ARIN Prefixes per ASN: 7.81
ARIN Region origin ASes announcing only one prefix: 5319
ARIN Region transit ASes present in the Internet Routing Table: 1380
Average ARIN Region AS path length visible: 3.4
Max ARIN Region AS path length visible: 22
Number of ARIN addresses announced to Internet: 732630688
Equivalent to 43 /8s, 171 /16s and 14 /24s
Percentage of available ARIN address space announced: 62.4
ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106
(pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153
3354-4607, 4865-5119, 5632-6655, 6912-7466
7723-8191, 10240-12287, 13312-15359, 16384-17407
18432-20479, 21504-23551, 25600-26591,
26624-27647, 29696-30719, 31744-33791
35840-36863, 39936-40959, 46080-47103
53248-55295, 393216-394239
ARIN Address Blocks 3/8, 4/8, 6/8, 7/8, 8/8, 9/8, 11/8,
12/8, 13/8, 15/8, 16/8, 17/8, 18/8, 19/8,
20/8, 21/8, 22/8, 24/8, 26/8, 28/8, 29/8,
30/8, 32/8, 33/8, 34/8, 35/8, 38/8, 40/8,
44/8, 45/8, 47/8, 48/8, 50/8, 52/8, 54/8,
55/8, 56/8, 63/8, 64/8, 65/8, 66/8, 67/8,
68/8, 69/8, 70/8, 71/8, 72/8, 73/8, 74/8,
75/8, 76/8, 96/8, 97/8, 98/8, 99/8, 107/8,
108/8, 173/8, 174/8, 184/8, 199/8, 204/8, 205/8,
206/8, 207/8, 208/8, 209/8, 214/8, 215/8, 216/8,
RIPE Region Analysis Summary
----------------------------
Prefixes being announced by RIPE Region ASes: 75384
Total RIPE prefixes after maximum aggregation: 44003
RIPE Deaggregation factor: 1.71
Prefixes being announced from the RIPE address blocks: 68841
Unique aggregates announced from the RIPE address blocks: 45070
RIPE Region origin ASes present in the Internet Routing Table: 14722
RIPE Prefixes per ASN: 4.68
RIPE Region origin ASes announcing only one prefix: 7583
RIPE Region transit ASes present in the Internet Routing Table: 2207
Average RIPE Region AS path length visible: 3.9
Max RIPE Region AS path length visible: 24
Number of RIPE addresses announced to Internet: 436405504
Equivalent to 26 /8s, 3 /16s and 5 /24s
Percentage of available RIPE address space announced: 76.5
RIPE AS Blocks 1877-1901, 2043, 2047, 2107-2136, 2585-2614
(pre-ERX allocations) 2773-2822, 2830-2879, 3154-3353, 5377-5631
6656-6911, 8192-9215, 12288-13311, 15360-16383
20480-21503, 24576-25599, 28672-29695
30720-31743, 33792-35839, 38912-39935
40960-45055, 47104-52223, 196608-197631
RIPE Address Blocks 2/8, 25/8, 31/8, 46/8, 51/8, 62/8, 77/8,
78/8, 79/8, 80/8, 81/8, 82/8, 83/8, 84/8,
85/8, 86/8, 87/8, 88/8, 89/8, 90/8, 91/8,
92/8, 93/8, 94/8, 95/8, 109/8, 176/8, 178/8,
193/8, 194/8, 195/8, 212/8, 213/8, 217/8,
LACNIC Region Analysis Summary
------------------------------
Prefixes being announced by LACNIC Region ASes: 29777
Total LACNIC prefixes after maximum aggregation: 7078
LACNIC Deaggregation factor: 4.21
Prefixes being announced from the LACNIC address blocks: 28269
Unique aggregates announced from the LACNIC address blocks: 15311
LACNIC Region origin ASes present in the Internet Routing Table: 1338
LACNIC Prefixes per ASN: 21.13
LACNIC Region origin ASes announcing only one prefix: 414
LACNIC Region transit ASes present in the Internet Routing Table: 237
Average LACNIC Region AS path length visible: 3.9
Max LACNIC Region AS path length visible: 18
Number of LACNIC addresses announced to Internet: 76818560
Equivalent to 4 /8s, 148 /16s and 40 /24s
Percentage of available LACNIC address space announced: 57.2
LACNIC AS Blocks 26592-26623, 27648-28671, 52224-53247,
262144-263167 plus ERX transfers
LACNIC Address Blocks 177/8, 181/8, 186/8, 187/8, 189/8, 190/8, 200/8,
201/8,
AfriNIC Region Analysis Summary
-------------------------------
Prefixes being announced by AfriNIC Region ASes: 7369
Total AfriNIC prefixes after maximum aggregation: 1886
AfriNIC Deaggregation factor: 3.91
Prefixes being announced from the AfriNIC address blocks: 5717
Unique aggregates announced from the AfriNIC address blocks: 1722
AfriNIC Region origin ASes present in the Internet Routing Table: 397
AfriNIC Prefixes per ASN: 14.40
AfriNIC Region origin ASes announcing only one prefix: 125
AfriNIC Region transit ASes present in the Internet Routing Table: 91
Average AfriNIC Region AS path length visible: 3.7
Max AfriNIC Region AS path length visible: 14
Number of AfriNIC addresses announced to Internet: 20112896
Equivalent to 1 /8s, 50 /16s and 230 /24s
Percentage of available AfriNIC address space announced: 59.9
AfriNIC AS Blocks 36864-37887, 327680-328703 & ERX transfers
AfriNIC Address Blocks 41/8, 197/8,
APNIC Region per AS prefix count summary
----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
4766 1866 8412 498 Korea Telecom (KIX)
4755 1482 302 162 TATA Communications formerly
7545 1385 234 86 TPG Internet Pty Ltd
17488 1342 153 130 Hathway IP Over Cable Interne
17974 1168 295 81 PT TELEKOMUNIKASI INDONESIA
9583 1017 76 490 Sify Limited
24560 998 303 179 Bharti Airtel Ltd., Telemedia
4808 917 1692 247 CNCGROUP IP network: China169
9829 818 689 36 BSNL National Internet Backbo
4134 785 22475 418 CHINANET-BACKBONE
Complete listing at http://thyme.apnic.net/current/data-ASnet-APNIC
ARIN Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
6389 3843 3668 277 bellsouth.net, inc.
4323 2701 1115 393 Time Warner Telecom
19262 1802 4626 276 Verizon Global Networks
1785 1791 698 131 PaeTec Communications, Inc.
20115 1493 1529 653 Charter Communications
7018 1470 5734 953 AT&T WorldNet Services
6478 1308 274 118 AT&T Worldnet Services
2386 1289 554 907 AT&T Data Communications Serv
11492 1239 214 119 Cable One
22773 1180 2858 61 Cox Communications, Inc.
Complete listing at http://thyme.apnic.net/current/data-ASnet-ARIN
RIPE Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
3292 449 2026 390 TDC Tele Danmark
30890 443 99 211 Evolva Telecom
702 407 1870 324 UUNET - Commercial IP service
8866 403 117 18 Bulgarian Telecommunication C
8551 401 353 46 Bezeq International
3320 376 7329 325 Deutsche Telekom AG
3301 374 1416 329 TeliaNet Sweden
34984 367 89 185 BILISIM TELEKOM
12479 350 576 5 Uni2 Autonomous System
31148 326 17 80 FreeNet ISP
Complete listing at http://thyme.apnic.net/current/data-ASnet-RIPE
LACNIC Region per AS prefix count summary
-----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
8151 1526 3049 246 UniNet S.A. de C.V.
10620 1102 246 148 TVCABLE BOGOTA
28573 1025 833 111 NET Servicos de Comunicao S.A
6503 835 187 257 AVANTEL, S.A.
7303 791 408 101 Telecom Argentina Stet-France
14420 553 35 76 CORPORACION NACIONAL DE TELEC
22047 551 310 15 VTR PUNTO NET S.A.
3816 477 210 100 Empresa Nacional de Telecomun
7738 477 922 30 Telecomunicacoes da Bahia S.A
11172 445 99 76 Servicios Alestra S.A de C.V
Complete listing at http://thyme.apnic.net/current/data-ASnet-LACNIC
AfriNIC Region per AS prefix count summary
------------------------------------------
ASN No of nets /20 equiv MaxAgg Description
8452 1145 445 10 TEDATA
24863 725 147 39 LINKdotNET AS number
36992 661 279 185 Etisalat MISR
3741 267 907 225 The Internet Solution
33776 209 12 12 Starcomms Nigeria Limited
2018 197 277 64 Tertiary Education Network
6713 195 186 16 Itissalat Al-MAGHRIB
29571 193 19 11 Ci Telecom Autonomous system
24835 190 78 9 RAYA Telecom - Egypt
16637 147 440 96 MTN Network Solutions
Complete listing at http://thyme.apnic.net/current/data-ASnet-AFRINIC
Global Per AS prefix count summary
----------------------------------
ASN No of nets /20 equiv MaxAgg Description
6389 3843 3668 277 bellsouth.net, inc.
4323 2701 1115 393 Time Warner Telecom
4766 1866 8412 498 Korea Telecom (KIX)
19262 1802 4626 276 Verizon Global Networks
1785 1791 698 131 PaeTec Communications, Inc.
8151 1526 3049 246 UniNet S.A. de C.V.
20115 1493 1529 653 Charter Communications
4755 1482 302 162 TATA Communications formerly
7018 1470 5734 953 AT&T WorldNet Services
7545 1385 234 86 TPG Internet Pty Ltd
Complete listing at http://thyme.apnic.net/current/data-ASnet
Global Per AS Maximum Aggr summary
----------------------------------
ASN No of nets Net Savings Description
4323 2701 2308 Time Warner Telecom
1785 1791 1660 PaeTec Communications, Inc.
19262 1802 1526 Verizon Global Networks
4766 1866 1368 Korea Telecom (KIX)
4755 1482 1320 TATA Communications formerly
7545 1385 1299 TPG Internet Pty Ltd
8151 1526 1280 UniNet S.A. de C.V.
17488 1342 1212 Hathway IP Over Cable Interne
6478 1308 1190 AT&T Worldnet Services
8452 1145 1135 TEDATA
Complete listing at http://thyme.apnic.net/current/data-CIDRnet
List of Unregistered Origin ASNs (Global)
-----------------------------------------
Bad AS Designation Network Transit AS Description
11946 UNALLOCATED 8.12.155.0/24 40913 Quality Technology S
33084 UNALLOCATED 8.15.195.0/24 3356 Level 3 Communicatio
16734 UNALLOCATED 8.18.204.0/24 26914 Global Netoptex, Inc
22015 UNALLOCATED 8.22.137.0/24 14989 Broadview Networks
46856 UNALLOCATED 8.22.184.0/22 3561 Savvis
26169 UNALLOCATED 8.225.177.0/24 20225 TelJet
32249 UNALLOCATED 8.225.178.0/24 3356 Level 3 Communicatio
16927 UNALLOCATED 12.0.252.0/23 7018 AT&T WorldNet Servic
46883 UNALLOCATED 12.4.222.0/24 7018 AT&T WorldNet Servic
15132 UNALLOCATED 12.9.150.0/24 7018 AT&T WorldNet Servic
Complete listing at http://thyme.apnic.net/current/data-badAS
Advertised Unallocated Addresses
--------------------------------
Network Origin AS Description
31.0.0.0/16 12654 RIPE NCC RIS Project
31.1.0.0/21 12654 RIPE NCC RIS Project
31.1.24.0/24 12654 RIPE NCC RIS Project
41.222.79.0/24 36938 >>UNKNOWN<<
41.223.92.0/22 36936 >>UNKNOWN<<
41.223.189.0/24 6453 Teleglobe Inc.
41.223.196.0/24 36990 Alkan Telecom Ltd
41.223.197.0/24 36990 Alkan Telecom Ltd
41.223.198.0/24 36990 Alkan Telecom Ltd
41.223.199.0/24 36990 Alkan Telecom Ltd
Complete listing at http://thyme.apnic.net/current/data-add-IANA
Number of prefixes announced per prefix length (Global)
-------------------------------------------------------
/1:0 /2:0 /3:0 /4:0 /5:0 /6:0
/7:0 /8:21 /9:10 /10:25 /11:67 /12:198
/13:414 /14:721 /15:1314 /16:11254 /17:5413 /18:9271
/19:18630 /20:23332 /21:23461 /22:30502 /23:29899 /24:171828
/25:1059 /26:1198 /27:718 /28:115 /29:47 /30:6
/31:0 /32:7
Advertised prefixes smaller than registry allocations
-----------------------------------------------------
ASN No of nets Total ann. Description
6389 2459 3843 bellsouth.net, inc.
4766 1488 1866 Korea Telecom (KIX)
4323 1365 2701 Time Warner Telecom
1785 1254 1791 PaeTec Communications, Inc.
11492 1091 1239 Cable One
17488 1084 1342 Hathway IP Over Cable Interne
18566 1068 1087 Covad Communications
8452 1036 1145 TEDATA
10620 1015 1102 TVCABLE BOGOTA
24560 897 998 Bharti Airtel Ltd., Telemedia
Complete listing at http://thyme.apnic.net/current/data-sXXas-nos
Number of /24s announced per /8 block (Global)
----------------------------------------------
1:56 2:2 4:13 8:303 12:2014 13:8
14:1 15:21 16:3 17:9 20:7 24:1436
27:289 31:1 32:61 33:22 38:695 40:97
41:2521 44:3 46:45 47:16 52:12 55:7
56:2 57:28 58:801 59:503 60:460 61:1074
62:1086 63:1975 64:3740 65:2323 66:4032 67:1839
68:1122 69:2788 70:743 71:372 72:1940 73:2
74:2320 75:274 76:327 77:882 78:624 79:437
80:1038 81:804 82:503 83:510 84:691 85:1043
86:481 87:696 88:317 89:1532 90:97 91:2989
92:423 93:985 94:1161 95:679 96:489 97:217
98:621 99:34 108:64 109:651 110:456 111:556
112:279 113:314 114:451 115:573 116:1095 117:658
118:484 119:895 120:141 121:708 122:1540 123:955
124:1119 125:1242 128:226 129:158 130:199 131:540
132:247 133:17 134:195 135:45 136:236 137:136
138:264 139:105 140:476 141:197 142:344 143:351
144:471 145:52 146:427 147:170 148:679 149:305
150:153 151:233 152:299 153:169 154:3 155:361
156:165 157:328 158:118 159:358 160:315 161:183
162:269 163:167 164:416 165:369 166:467 167:423
168:654 169:158 170:722 171:61 172:2 173:1008
174:502 175:155 176:1 177:1 178:435 180:586
181:1 182:234 183:237 184:204 186:565 187:453
188:797 189:757 190:3978 192:5764 193:4754 194:3427
195:2788 196:1172 198:3577 199:3579 200:5430 201:1580
202:8055 203:8300 204:4010 205:2398 206:2534 207:3077
208:3887 209:3469 210:2561 211:1297 212:1754 213:1683
214:658 215:67 216:4775 217:1576 218:478 219:379
220:1140 221:388 222:290 223:7
End of report
1
0
No down time here, Would have been all over the news and everything if it
really do "crash" the internet.
Nick Olsen
Network Operations
(321) 205-1100 x106
----------------------------------------
From: "Kasper Adel" <karim.adel(a)gmail.com>
Sent: Friday, August 27, 2010 1:27 PM
To: "NANOG list" <nanog(a)nanog.org>
Subject: Did your BGP crash today?
Havent seen a thread on this one so thought i'd start one.
Ripe tested a new attribute that crashed the internet, is that true?
Kim
3
2