On Sat, Jun 15, 2019 at 05:32:21AM -0700, Owen DeLong wrote:
What is the principal harm of doing this? Honest question. I'm not advocating for anything, just curious.
Excellent question.
1/ We can’t really expect on the loop detection to work that way at the “jacked” side. So if this is innocent traffic engineering, it is unreliable at best.
Why not?
There is no signal from the remote ASN (the one that receive the route announcement) to the Originator ASN about the remote ASN's loop detection policies. Therefor, since you can't know what the remote side will do ahead of time. The only recourse left at that point is active probing (trial & error). Trial and error, where the 'error' state may be an hard outage, means that the method is unreliable.
Since this TE method is unlikely to be used to control propagation to/through a stub ASN, it ought to be pretty reliable for the intended purpose.
To all other people - AS_PATH poisoning, as a method to perform traffic engineering, is *not* reliable and can lead to hard outages. Regards, Job