Ken Chase wrote:
(And I'd fix it _right now_, but it's at my major customer's discretion.
ok, so this is a customer management problem. If this is the only customer on that router, then ok, if they want to continue putting themselves at risk of service loss, I guess that would be their concern. If there's anyone else connected to this router, then you would probably want to consider moving them off it, because you seem to have said that you may not have full control of your business assets. If this is the case, it isn't a good situation to be in and will lead to issues like this turning into serious longer term problems.
read the first table on page 3 and then explain the philosophy of not caring about this as a general issue affecting the entire internet. That's not, to date, been the attitude I've seen in here or elsewhere amongst admins, and I dont see why we should start now.
Globally, there are 59000 ASNs announcing a total of 670k ipv4 prefixes and 45k ipv6 routes. If any one of those prefixes is announced anywhere in the world with an oddball as-path, then this puts vulnerable versions of quagga at risk of service loss. This isn't about sympathy or caring or not caring or anything else, but the uncomfortable fact that with a pool this large, mistakes are going to happen from time to time, whether we like it or not. It's as-path length this time, but on previous occasions it's been attribute size, or incorrect attribute combos or, well, a small catalog of other problems that have caused bgp session failure globally over the years. It's each of our responsibility to ensure that our systems are resistant to problems like this, not other peoples' responsibility to ensure that our networks don't get hit by third party misconfigs. Nick