On 11/11/2010 03:03, Nick Hilliard wrote:
On 11/11/2010 01:25, Scott Weeks wrote:
Why did that make you feel safe? Other than a bug, and ignorance of
BGP, what is unsafe about a lotta prepends?
In theory, nothing. In practice:
I admit it. I'm feeling smug today.
Nick
--- jle...@lewis.org wrote:
From: Jon Lewis jle...@lewis.org
On Wed, 10 Nov 2010, Scott Weeks wrote:
Why did that make you feel safe? Other than a bug, and ignorance of
BGP, what is unsafe about a lotta prepends?
Ignorance of BGP? There's a known cisco bug that causes BGP session
On Wed, 10 Nov 2010 21:35:50 EST, Jon Lewis said:
anywhere near that long. Worst case, someone is silly with their number
of prepends, we don't see their route. I can't say how long I've been
doing this...it predates our rancid setup, which means 6 years. Though
it's caused numerous
On Thu, 11 Nov 2010 valdis.kletni...@vt.edu wrote:
On Wed, 10 Nov 2010 21:35:50 EST, Jon Lewis said:
anywhere near that long. Worst case, someone is silly with their number
of prepends, we don't see their route. I can't say how long I've been
doing this...it predates our rancid setup, which
On 11/11/2010 6:31 AM, Jon Lewis wrote:
Speaking of prepends, what's the community opinion on prepending someone
else's ASN on your routes for TE purposes if you're announcing routes
you don't want certain AS's to see, but don't have a communities knob
that works for those networks? I was
Recently I adjusted the maxas-limit option on our router,logs started
reporting routes being refused because the AS path is to long. seems to work
as expected.
when I looked at the logs I was a bit confused at what i was looking at...
why is it there are multiple AS's in the path
On Nov 10, 2010, at 3:22 PM, Greg Whynott wrote:
Recently I adjusted the maxas-limit option on our router,logs started
reporting routes being refused because the AS path is to long. seems to
work as expected.
when I looked at the logs I was a bit confused at what i was looking
On Wed, 10 Nov 2010, Greg Whynott wrote:
when I looked at the logs I was a bit confused at what i was looking
at... why is it there are multiple AS's in the path that appear to be
the same AS? I expected an AS path comprised of mostly unique ASs.
instead of this:
476330: Nov 10
greg.whyn...@oicr.on.ca
Sent: Wednesday, November 10, 2010 3:23 PM
To: nanog@nanog.org list nanog@nanog.org
Subject: AS path question.
Recently I adjusted the maxas-limit option on our router,logs started
reporting routes being refused because the AS path is to long. seems to work
[http://www.flhsi.com/files/emaillogo.jpg]
From: Greg Whynott greg.whyn...@oicr.on.camailto:greg.whyn...@oicr.on.ca
Sent: Wednesday, November 10, 2010 3:23 PM
To: nanog@nanog.orgmailto:nanog@nanog.org list
nanog@nanog.orgmailto:nanog@nanog.org
Subject: AS path
-Original Message-
From: Jared Mauch [mailto:ja...@puck.nether.net]
Sent: Wednesday, November 10, 2010 3:31 PM
To: Greg Whynott
Cc: nanog@nanog.org list
Subject: Re: AS path question.
People prepend, and think 'more is better' vs using communities and
other 'complex' methods
-Original Message-
From: Greg Whynott [mailto:greg.whyn...@oicr.on.ca]
Sent: Wednesday, November 10, 2010 3:40 PM
To: n...@brevardwireless.com
Cc: nanog@nanog.org
Subject: Re: AS path question.
thanks all, this makes sense now.and i just showed the internet
how ignorant I am
Stefan Fouant wrote:
-Original Message-
IMO, a combination of both community tagging to influence localpref coupled
with AS Path prepending on the secondary link is the best approach, and
seems to accommodate both steady state as well as failure scenarios
properly.
Stefan Fouant
BGP community attributes are optional transitive attributes, so in theory they
could be used by secondary or tertiary providers for policy processing.
However, that is under the assumption that those providers have the proper
policies in place and understand those communities. Alsi, in some
[mailto:greg.whyn...@oicr.on.ca]
Sent: Wednesday, November 10, 2010 12:22 PM
To: nanog@nanog.org list
Subject: AS path question.
Recently I adjusted the maxas-limit option on our router,logs
started reporting routes being refused because the AS path is to long.
seems to work as expected.
when I
[... learning about path prepending ...]
On Wed, Nov 10, 2010 at 03:39:31PM -0500, Greg Whynott wrote:
thanks all, this makes sense now.and i just showed the internet how
ignorant I am?
Ignorance can be cured with knowledge -- as you've just proven.
Keep showing people how ignorant you
On 11/10/2010 2:44 PM, Stefan Fouant wrote:
In this day and age, I'm still surprised at how many people think AS Path
prepending is the preferred way to influence inbound traffic paths. As many
providers have default local-pref policies in place which prefer routes
learned from the customer
On Wed, 10 Nov 2010 15:31:25 EST, Jared Mauch said:
The best question is:
Do you know what prefix you just lost reachability to, or do you just
point default as a last resort anyways, so don't know.
One has to wonder how many places are using the prepend-me-harder
commands to do traffic
--- valdis.kletni...@vt.edu wrote:
From: valdis.kletni...@vt.edu
One has to wonder how many places are using the prepend-me-harder
commands to do traffic engineering, and have absolutely no clue that
their prepends are having the opposite effect because the prefix is
being dropped entirely by
On 11/10/2010 5:44 PM, Scott Weeks wrote:
Do you think (or is there evidence) that very many ASs use maxas-limit type
commands? I have never used it and never had any problems...
I dunno. There was a bug with AS lengths or something not that far back.
Didn't effect any of my stuff, but just
--- jba...@brightok.net wrote:
From: Jack Bates jba...@brightok.net
On 11/10/2010 5:44 PM, Scott Weeks wrote:
Do you think (or is there evidence) that very many ASs use maxas-limit type
commands? I have never used it and never had any problems...
: ...but just to be safe I added it to all
On 11/10/2010 7:25 PM, Scott Weeks wrote:
Why did that make you feel safe? Other than a bug, and ignorance of
BGP, what is unsafe about a lotta prepends?
Wasn't that it made me feel safe, but I do have to worry about my
downstream customers who did exhibit the bug. As a provider, it falls
On 11/11/2010 01:25, Scott Weeks wrote:
Why did that make you feel safe? Other than a bug, and ignorance of
BGP, what is unsafe about a lotta prepends?
In theory, nothing. In practice:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af150f.shtml
, CableONE Internet Services
-Original Message-
From: Scott Weeks [mailto:sur...@mauigateway.com]
Sent: Wednesday, November 10, 2010 6:26 PM
To: nanog@nanog.org
Subject: Re: AS path question.
--- jba...@brightok.net wrote:
From: Jack Bates jba...@brightok.net
On 11/10/2010 5:44 PM, Scott Weeks
On Wed, Nov 10, 2010 at 03:39:31PM -0500, Greg Whynott wrote:
[snip]
i have my maxas-limit set to 10 based on an article I was reading.
perhaps I should up that a bit.
That article was deeply mistaken. 50 was reasonable for older IOS with
bugs back in ... 2001-2003? I think. under the
On Wed, 10 Nov 2010, Scott Weeks wrote:
Why did that make you feel safe? Other than a bug, and ignorance of
BGP, what is unsafe about a lotta prepends?
Ignorance of BGP? There's a known cisco bug that causes BGP session
resets when as as-path length exceeds 255. I've been running with bgp
it very hard to believe anyone legitimately needs an as-path length
anywhere near that long. Worst case, someone is silly with their
number
of prepends, we don't see their route. I can't say how long I've been
doing this...it predates our rancid setup, which means 6 years.
Though
it's
27 matches
Mail list logo
