Specifically, they have the ability to tickle a legacy cisco bug with AS path length. This bug was supposedly mitigated in code and I believe my previous company is still filtering AS path length (UUNET) of 100 or greater. A valid AS-Path of greater than 100 has not yet been found (which was why the filters were in place). On 1/31/05 8:53 AM, "Jared Mauch" <jared@puck.nether.net> wrote:
On Mon, Jan 31, 2005 at 07:19:14AM +0200, Hank Nussbacher wrote:
At 10:23 PM 30-01-05 -0500, Jon Lewis wrote:
Someone at fido.net having some bgp config issues?
Looks like someone probing for a buffer overflow on a world-wide basis.
-Hank
Jan 30 18:34:51 EST: %BGP-6-ASPATH: Long AS path 6461 3356 6770 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 8282 received from ...
Router(config-router)#bgp maxas-limit ? <1-2000> Number of ASes in the AS-PATH attribute
Router(config-router)#bgp maxas-limit 50
Easy to fix/reject.
- jared