They are prepending routes. Looks like both 43022 are prepending, As well as 47359...Multiple times... They do this to make that route look "bad" so it comes in other transit they have. Nick Olsen Network Operations (855) FLSPEED x106 ---------------------------------------- From: "Greg Whynott" <Greg.Whynott@oicr.on.ca> Sent: Wednesday, November 10, 2010 3:23 PM To: "nanog@nanog.org list" <nanog@nanog.org> Subject: AS path question. Recently I adjusted the maxas-limit option on our router, logs started reporting routes being refused because the AS path is to long. seems to work as expected. when I looked at the logs I was a bit confused at what i was looking at... why is it there are multiple AS's in the path that appear to be the same AS? I expected an AS path comprised of mostly unique ASs. instead of this: 476330: Nov 10 14:55:07.247 EDT: %BGP-6-ASPATH: Long AS path 549 26677 6939 21011 43022 43022 43022 43022 43022 47359 47359 47359 47359 47359 47359 47359 47359 received from isp router: More than configured MAXAS-LIMIT i expected it would look more like: 476330: Nov 10 14:55:07.247 EDT: %BGP-6-ASPATH: Long AS path 549 26677 6939 21011 43022 47359 received from . .. . thanks for your time again, greg -- This message and any attachments may contain confidential and/or privileged information for the sole use of the intended recipient. Any review or distribution by anyone other than the person for whom it was originally intended is strictly prohibited. If you have received this message in error, please contact the sender and delete all copies. Opinions, conclusions or other information contained in this message may not be that of the organization.
thanks all, this makes sense now. and i just showed the internet how ignorant I am… i have my maxas-limit set to 10 based on an article I was reading. perhaps I should up that a bit. what sort of problems are associated to overly long AS paths? is it more of a system resource control setting? -g On Nov 10, 2010, at 3:31 PM, Nick Olsen wrote: They are prepending routes. Looks like both 43022 are prepending, As well as 47359...Multiple times... They do this to make that route look "bad" so it comes in other transit they have. Nick Olsen Network Operations (855) FLSPEED x106 [http://www.flhsi.com/files/emaillogo.jpg] ________________________________ From: "Greg Whynott" <Greg.Whynott@oicr.on.ca<mailto:Greg.Whynott@oicr.on.ca>> Sent: Wednesday, November 10, 2010 3:23 PM To: "nanog@nanog.org<mailto:nanog@nanog.org> list" <nanog@nanog.org<mailto:nanog@nanog.org>> Subject: AS path question. Recently I adjusted the maxas-limit option on our router, logs started reporting routes being refused because the AS path is to long. seems to work as expected. when I looked at the logs I was a bit confused at what i was looking at... why is it there are multiple AS's in the path that appear to be the same AS? I expected an AS path comprised of mostly unique ASs. instead of this: 476330: Nov 10 14:55:07.247 EDT: %BGP-6-ASPATH: Long AS path 549 26677 6939 21011 43022 43022 43022 43022 43022 47359 47359 47359 47359 47359 47359 47359 47359 received from isp router: More than configured MAXAS-LIMIT i expected it would look more like: 476330: Nov 10 14:55:07.247 EDT: %BGP-6-ASPATH: Long AS path 549 26677 6939 21011 43022 47359 received from … .. . thanks for your time again, greg -- This message and any attachments may contain confidential and/or privileged information for the sole use of the intended recipient. Any review or distribution by anyone other than the person for whom it was originally intended is strictly prohibited. If you have received this message in error, please contact the sender and delete all copies. Opinions, conclusions or other information contained in this message may not be that of the organization. Gregory Whynott Network Operations Ontario Institute for Cancer Research MaRS Centre, South Tower 101 College Street, Suite 800 Toronto, Ontario, Canada M5G 0A3 Tel: 647-294-2813 www.oicr.on.ca<http://www.oicr.on.ca/> ________________________________ -- This message and any attachments may contain confidential and/or privileged information for the sole use of the intended recipient. Any review or distribution by anyone other than the person for whom it was originally intended is strictly prohibited. If you have received this message in error, please contact the sender and delete all copies. Opinions, conclusions or other information contained in this message may not be that of the organization.
-----Original Message----- From: Greg Whynott [mailto:Greg.Whynott@oicr.on.ca] Sent: Wednesday, November 10, 2010 3:40 PM To: nick@brevardwireless.com Cc: nanog@nanog.org Subject: Re: AS path question.
thanks all, this makes sense now. and i just showed the internet how ignorant I am.
No such thing! We are all here to learn, and so there are no such things as stupid questions IMO. I certainly won't rail you for asking a question like that... ahem, Neils Bakker might so there are no guarantees ;)
i have my maxas-limit set to 10 based on an article I was reading. perhaps I should up that a bit.
I think 10 is way too short. I would definitely up that.
what sort of problems are associated to overly long AS paths? is it more of a system resource control setting?
I remember back in 1999 at UUnet we had a bug in IOS in which some AS Paths were supposedly being prepended well above 255 AS Paths... IIRC that is above the maximum field length (I'd have to dig it up to be sure though) and it was actually causing routers to crash as they were interpreting the BGP messages as malformed. Today we have better protections in IOS preventing this and other associated "buffer overflow" issues, but at the time there were no such protections. The very next day we received a patched IOS from Cisco which contained the maxas-limit commands. Stefan Fouant
[... learning about path prepending ...] On Wed, Nov 10, 2010 at 03:39:31PM -0500, Greg Whynott wrote:
thanks all, this makes sense now. and i just showed the internet how ignorant I am?
Ignorance can be cured with knowledge -- as you've just proven. Keep showing people how ignorant you are -- eventually, you'll ask a question that stumps 'em. When you figure out the answer, it becomes your turn to enlighten folks. :-) I guarrantee you are not the only one that learned from your question. It's the NANOG way!
On Wed, Nov 10, 2010 at 03:39:31PM -0500, Greg Whynott wrote: [snip]
i have my maxas-limit set to 10 based on an article I was reading. perhaps I should up that a bit.
That article was deeply mistaken. 50 was reasonable for older IOS with bugs back in ... 2001-2003? I think. under the auspices of apnic, gih has done serious study of network diameter [specifically in relation to churn and background noise, but useful data here]. I'm a big fan of belts and suspenders but would reccomend taking at least a coarse analysis of the path lengths seen in your neck of the woods from your providers before setting a number. Cheers, Joe -- RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
participants (5)
-
Greg Whynott
-
Joe Provo
-
John Osmon
-
Nick Olsen
-
Stefan Fouant