I dont see that as the solution. Someone else will offend again. However, I also don't see trusting major backbones as our filters (for many other reasons). Our software should be handling what's effectively a buffer overflow or equivalent (beware long paths that are actually shellcode). Quagga among others seems to be subject to this bug, pre 0.99.23 or so (.99.24+ seems ok). So upgrading is a solution. There was also some chatter on the quagga mailing list on how it's more pleasant to stab your eyeballs out rather than constructing extremely long regexp's that might work as a filter. https://lists.quagga.net/pipermail/quagga-users/2017-September/thread.html /kc On Sat, Sep 30, 2017 at 05:30:03PM +0200, Niels Raijer said:
My message to NANOG about this from 12:31 UTC today is still in the moderation queue. I had opened a support case with Cogent before writing my message to NANOG and Cogent has let me know approximately 40 minutes ago that they have contacted their customer.
Niels
On 30 Sep 2017, at 17:09, sthaug@nethelp.no wrote:
If you're on cogent, since 22:30 UTC yesterday or so this has been happening (or happened).
Still happening here. I count 562 prepends (563 * 262197) in the advertisement we receive from Cogent. I see no good reason why we should accept that many prepends.
Steinar Haug, Nethelp consulting, sthaug@nethelp.no
-- Ken Chase - math@sizone.org Guelph Canada