On Tue, 23 May 2000, Vijay Gill wrote:
Since the corrupted AS-path does not include the AS that the route is coming from (at least in the corruption that I saw) it seems to me that a simple solution for all is to filter on AS i.e. only allow routes that have the AS of your EBGP neighbor prepended to them. I realize this does not cover all cases of wacky AS corruption problems but it may fix some of
This is a hack. We do not need more cruft added on, rather, what we need is correct behavior. The correct behavior being - if you see a corrupt/ a malformed update from a peer, send a notify and drop the session. Seems fairly simple to me.
The above suggestion of your fails in case of route servers.
Insist on correct behavior, not on cruftery.
/vijay
Come on people. It's VERY easy to do one of the following: (1) NOT implement AS-path filtering on route-server connections (2) Apply filtering on RS sessions with an as-path access-list that includes those AS's that you will see via that RS. Am I the only RA that notifies the peering contacts of all other RS peers when someone new joins? I certainly hope not. John Fraizer EnterZone, Inc