NetSecGuy wrote:
I understand AS3333 is RIS itself, is this some kind of misconfig on their end? It seems to be announcing it's entire table every 5 minutes. This started late Friday and ended a few hours ago.
FYI, AS3333 is the RIPE NCC's production AS; the RIS project uses AS12654. There seems to be a difference between the behaviours of Cisco and Juniper routers when encountering the RIS's default keepalive value of 0. Cisco routers (and Zebra/Quagga boxes) seem to operate quite happily without keepalive processing while Junipers seem to tear down and restart the session after the holdtime expires -- result: 170,000 or so additional updates every holdtime-and-a-bit seconds. [Aside: shouldn't the session be refused at startup if a mutually agreeable keepalive value can't be negotiated rather than being allowed to flap like this?] This problem seems to occur when any RIS peer migrates from Cisco to Juniper. The only difference this time is that both ASes are operated by (different groups within) the RIPE NCC. James