With the help from our transit providers and Cisco TAC the issues looks to be that AS9354 is sending AS0 and causing the corruption when processed in our Cisco CRS routers. AS9354 shows to be Community Network Center Inc. (CNCI) or TDNC and directly connected to KDDI AS2516. If anyone from AS9354 is on this list please contact me or stop this advertisement or someone from KDDI please assist. Thanks ERIC -----Original Message----- From: Joe Provo [mailto:nanog-post@rsuc.gweep.net] Sent: Monday, August 17, 2009 4:49 PM To: randal k Cc: nanog@nanog.org Subject: Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ? On Mon, Aug 17, 2009 at 03:37:07PM -0600, randal k wrote:
Yep, we started seeing this right around 12:20pm MST. We saw it from a customer's rapidly-flapping BGP peer. We told them to configure bgp maxas-limit, but apparently CRS1s don't have that command.
Anybody have a handy route-map that will deny anything with a as-path longer than say 15-20? ;-)
Been a while since I had to throw this on cisco, but I since it lacks sane repeat constraint, you have to either choose to iterate over your acceptable space or deny on the longer-than-acceptable. For the latter, ^[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_[0-9]+_([0-9]+_)+ clobbers 15 ASNs and longer. -- RSUC / GweepNet / Spunk / FnB / Usenix / SAGE