On 2/18/2010 2:27 PM, Thomas Magill wrote:
I am thinking about implementing a filter to block all traffic with private AS numbers in the path. I see quite a few in my table though so I am concerned I might block some legitimate traffic. In some cases, these are just prefixes with the private appended to the end but a few have the private as a transit. Is this a good idea or would I likely be blocking too much legitimate traffic? The filter I am using currently shows the following:
I am also curious about blocking legitimate traffic. I just implemented a filter to remove routes with a private-AS anywhere in the path. Over 200 routes were filtered. I spot checked a few prefixes: A few had a covering prefix A few prefixes were originated by a non-private AS and a private AS and would have otherwise been accepted if Cogent (In my case) had that route as a best path And a few prefixes just won't be reachable by my customers. If anyone wants to see what I filtered out:http://pastebin.com/AFyYrfZk <http://pastebin.com/AFyYrfZk>