On Wed, Dec 10, 2008 at 09:19:42PM +0000, Peter Bristow wrote: > Hi > > > So either of you should contact the ukranian ISP who is at that > > prefix; that is the problem, right? > > > > Yes we've been in contact with said ISP. They have called out their on call > engineer and their upstreams are applying pressure. This time it was > unintentional. A rouge isp DoSing all OpenBGPD routers doesn't seem like an > attractive idea to me. > > > > > > Then henning and claudio can help. > > > > Excellent. >
I looked at the porblem and I'm currently unsure what the best way is to handle such bad AS4_* attributes. The RFC in all its glory does not mention how to handle errors. So at the moment I'm in favor of just dropping/ignoring the bad optional attribute but I need to recheck with the BGP RFC to see if this is valid. Another solution is to ignore the full update but I have a bad feeling about that. All in all it should be a defined and accepted way so that it is not possible that injecting rogue BGP updates is causing session flaps around the world. This is why I think just ignoring the attribute should be save. -- :wq Claudio
