On Tue, 23 May 2000, Blaine Christian wrote:
1. How can everyone protect themselves RIGHT NOW.
RIGHT NOW you can basically shut your routers off. Or a slightly less drastic method might be to trace down the session that originates the bad NLRI and turn that peering session down.
else is free game. Who besides a route-server would want to prepend an AS besides their own. Who wants to allow customers and perhaps even peers to send routes prepending an AS that is not their own?
Prepending an AS is not as inherently bad as REMOVING an as. You can only prepend an AS to a route you send out (either you originate or you transit it). If you own the object, BFD. People will notice that you are messing with their AS and various unpleasantness will occur. If you are messing with others people's objects that you are transiting, then they should get a better transit provider. Either way, it is a self correcting problem which does not cause any catastrophic damage, like removing an as would.
EBGP peer with extreme suspicion. Reseting the BGP session (perhaps tearing it down and leaving it down until a human intervenes) is probably the best idea. A note of interest for the events I have seen is that you
This is already accounted for in the spec. Exponential backoff on retry.
way. In fact the vendors I am thinking of quite obviously propagate the bad route AND THEN decide to reset their BGP on a larger scale<grrrr>.
Escalate the issue internally to net-eng and let Juzer deal with it. /vijay