Joe Provo <nanog-post@rsuc.gweep.net> writes:
While this is an explanation of the behavior, it should not be an endorsement. Prepending someone else's AS is a bad practice. Not only does it munge 'pure' research data, but fouls some levels of peer evaluation [in the example, an as-701 connected entity seeing your path from 1239 would have to determine why they weren't getting your paths; or a casual glance would indicate you weren't peer-worthy because you were behind a peer].
Agreed on all counts. Note that I didn't suggest that it was a good idea, just pointed out that this has certainly been done in the past (I seem to recall more than one organization doing this to keep certain routes out of AS690).
Worse, forging AS-paths obfuscates the operational chain of responsibility. Of course that is the goal of some of these activities. Obviously-bogus AS paths are a strong indicator of suspicious activity.
I'm not sure I agree with that assessment. Strong indicator of a nasty hack, much much less strong indicator of anything unseemly afoot. Or perhaps this was a use of the term "suspicious" to which I'm heretofore unaccustomed.
Many providers publish specific BGP communities for customers to use to handle the redistribution at the provider's edge; some are coarse-grained and some provide real control. Many provide something but you have to ask for the information. If your provider doesn't give you this service/feature, demand it.
Yes, and vote with your feet when your contract is up if they don't deliver.
In RS's example, a trip to http://www.sprint.net/policy/bgp.html would tell you to just tag with community 65000:701

    route-map to-as1239-nothanks-uu permit 10
     set community 65000:701
Attempting action at a distance generally fails at the far-end of your service contract; any implementation that *does* work *should* only spew data the same distance.
Well, yes. Attempt this trick at home at your own peril, &c &c &c...

---Rob

PS: I am sure that we both are going to hell for having the unmitigated gall to post stuff to NANOG that actually has something to do with running a backbone.
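
Added illustration, not part of the original message: a small Python model of the two approaches discussed in the thread, showing what AS701 and an unrelated neighbor of AS1239 end up seeing. The customer ASN 64512, the third-party ASN 64496, the exact shape of the forged path, and the reading of 65000:701 as "do not announce to AS701" are assumptions made for the example.

```python
# Constructed model: a customer of AS1239 that wants its route kept out of AS701.
CUSTOMER, SPRINT, UUNET, OTHER = 64512, 1239, 701, 64496  # 64512/64496 are constructed ASNs

def accepts(local_as, as_path):
    # BGP loop prevention: a router drops any route whose AS_PATH already holds its own AS.
    return local_as not in as_path

def provider_export(route, neighbor_as, provider_as=SPRINT):
    # Assumed provider policy: community 65000:<asn> means "do not announce to <asn>".
    if f"65000:{neighbor_as}" in route["communities"]:
        return None
    return {"as_path": [provider_as] + route["as_path"],
            "communities": route["communities"]}

def seen_by(route, neighbor_as):
    # AS_PATH the neighbor installs, or None if never sent or dropped on receipt.
    out = provider_export(route, neighbor_as)
    if out is None or not accepts(neighbor_as, out["as_path"]):
        return None
    return out["as_path"]

# Approach 1: someone else's AS (701) inserted into the path (assumed shape).
forged = {"as_path": [CUSTOMER, UUNET, CUSTOMER], "communities": set()}
# Approach 2: honest path, tagged with the provider's published community.
tagged = {"as_path": [CUSTOMER], "communities": {"65000:701"}}

def compare():
    # For each approach, the path as installed by AS701 and by an unrelated neighbor.
    return {name: {asn: seen_by(r, asn) for asn in (UUNET, OTHER)}
            for name, r in (("forged", forged), ("tagged", tagged))}

if __name__ == "__main__":
    for name, views in compare().items():
        print(name, views)
```

In both cases AS701 installs nothing, but only the forged path leaves every other neighbor with an AS_PATH that places the customer behind AS701.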