RE: attribution

2020-04-17 Thread Jakob Heitz (jheitz) via NANOG 
From version 6.3.1, IOS XR supports "if community length" in route-policy.

Regards,
Jakob.

-Original Message-
Date: Fri, 17 Apr 2020 12:29:33 +0100
From: 

On the point of as-path length limit, Yes I know of at least one tier-1 that 
does it and since I left some 8 years back I do it everywhere I go.
In addition to the above (best common practice, id' say)
-on junos you can do community length limiting
-and on cisco you can do attribute filtering  -hence my question to this forum 
some time back about whether folks do filter all the "experiments" for the sake 
of running a successful business (paraphrasing...)

adam

RE: attribution

2020-04-17 Thread adamv0025 
> Christopher Morrow
> Sent: Tuesday, April 14, 2020 2:51 AM
> 
> On Mon, Apr 13, 2020 at 7:38 PM Brandon Martin
>  wrote:
> >
> > On 4/13/20 4:31 PM, Randy Bush wrote:
> > > it seems a lot of folk think prepending acrually works.
> >
> > I mean, there's prepending and then there's prepending 50+ times...
> > Has the latter EVER been useful in any way, shape, or form?
> 
> for ~4 yrs or so there's been possible problems with as-paths longer than ~50
> (I think, i can't recall the exact vendor bug) so, folk should have already 
> been
> denying announcements with longer than ~soemthing-like-45 asn in the
> path.. right? :)
> 
>From memory this was one of the two accidents (someone prepending their AS 255 
>times and an university announcing special unheard-of attribute) that 
>triggered the good work around RFC 7606 - Revised Error Handling for BGP 
>UPDATE Messages.
And why Randy and we all can enjoy messages like
Apr 12 17:57:42 r0.iad rpd[1752]: Prefix Send failed ! 103.148.41.0/24 
bgp_rt_trace_too_big_message:1209 path attribute too big. Cannot build update.
Or
RP/0/RSP0/CPU0:Jan 18 00:22:41.029 : bgp[1058]: %ROUTING-BGP-3-MALFORM_UPDATE : 
Malformed UPDATE message received from neighbor x.x.x.x (VRF: INTERNET) - 
message length 87 bytes, error flags 0x0040, action taken "DiscardAttr". 
Error details: "Error 0x0040, Field "Attr-unexpected", Attribute 128 (Flags 
0xe0, Length 18), Data [e0801200]". NLRIs: [IPv4 Unicast] <>
While our BGP sessions keep on working just fine and either the update is 
treated as withdraw or the attribute is deleted.
 

On the point of as-path length limit, Yes I know of at least one tier-1 that 
does it and since I left some 8 years back I do it everywhere I go.
In addition to the above (best common practice, id' say)
-on junos you can do community length limiting
-and on cisco you can do attribute filtering  -hence my question to this forum 
some time back about whether folks do filter all the "experiments" for the sake 
of running a successful business (paraphrasing...)

adam

Re: attribution

2020-04-13 Thread Christopher Morrow 
On Mon, Apr 13, 2020 at 7:38 PM Brandon Martin  wrote:
>
> On 4/13/20 4:31 PM, Randy Bush wrote:
> > it seems a lot of folk think prepending acrually works.
>
> I mean, there's prepending and then there's prepending 50+ times...  Has
> the latter EVER been useful in any way, shape, or form?

for ~4 yrs or so there's been possible problems with as-paths longer
than ~50 (I think, i can't recall the exact vendor bug)
so, folk should have already been denying announcements with longer
than ~soemthing-like-45 asn in the path.. right? :)

(yes, any prepend past ~10 is arguably not worth the time)

Re: attribution

2020-04-13 Thread Brandon Martin 

On 4/13/20 4:31 PM, Randy Bush wrote:

it seems a lot of folk think prepending acrually works.


I mean, there's prepending and then there's prepending 50+ times...  Has 
the latter EVER been useful in any way, shape, or form?

--
Brandon Martin

Re: attribution

2020-04-13 Thread Matthew Petach 
Well, according to your router's error message, it *did* work...it ensured
you couldn't propagate that route update, thereby ensuring no traffic from
your neighbors would traverse the prepended path.

Of course, it's a bit of a degenerate case of "working"--but it *did* serve
to shift traffic away.  ^_^;;

Matt



On Mon, Apr 13, 2020, 13:33 Randy Bush  wrote:

> > I’m using CAIDA’s bgpreader and this one looks like it might be an
> > example of what you want.
> >
> > R|R|1586714402.00|routeviews|route-views.eqix|||2914|206.126.236.12|
> 103.148.41.0/24|206.126.236.12|2914
>  58717 134371 134371
> 134371 134371 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076
> 140076 140076 140076 140076 140076 140076|140076|2914:410 2914:1405
> 2914:2406 2914:3400||
>
> aut-num:AS140076
> as-name:MIS-AS-AP
> descr:  Mir Internet Service
> country:BD
> org:ORG-MIS3-AP
> admin-c:MISA2-AP
> tech-c: MISA2-AP
> mnt-by: APNIC-HM
> mnt-irt:IRT-MIS-BD
> mnt-routes: MAINT-MIS-BD
> mnt-lower:  MAINT-MIS-BD
> last-modified:  2020-01-31T06:35:38Z
> source: APNIC
>
> actually, an example of what none of us wants :)
>
> it seems a lot of folk think prepending acrually works.
>
> thanks
>
>
>

Re: attribution

2020-04-13 Thread Mark Tinka 



On 13/Apr/20 23:04, Bryan Holloway wrote:

>  
>
> Oh, it works ... just not for anything pragmatically useful.

In 2020, no less.

Can't recall the last time I used this feature, even if it's one we
offer for BGP communities we accept from customers.

Admittedly, I don't think of any of them use it.

Mark.

Re: attribution

2020-04-13 Thread Bryan Holloway 



On 4/13/20 10:31 PM, Randy Bush wrote:

I’m using CAIDA’s bgpreader and this one looks like it might be an
example of what you want.

R|R|1586714402.00|routeviews|route-views.eqix|||2914|206.126.236.12|103.148.41.0/24|206.126.236.12|2914
 58717 134371 134371 134371 134371 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076|140076|2914:410 
2914:1405 2914:2406 2914:3400||


aut-num:AS140076
as-name:MIS-AS-AP
descr:  Mir Internet Service
country:BD
org:ORG-MIS3-AP
admin-c:MISA2-AP
tech-c: MISA2-AP
mnt-by: APNIC-HM
mnt-irt:IRT-MIS-BD
mnt-routes: MAINT-MIS-BD
mnt-lower:  MAINT-MIS-BD
last-modified:  2020-01-31T06:35:38Z
source: APNIC

actually, an example of what none of us wants :)

it seems a lot of folk think prepending acrually works.

thanks



Oh, it works ... just not for anything pragmatically useful.

Re: attribution

2020-04-13 Thread Randy Bush 
> I’m using CAIDA’s bgpreader and this one looks like it might be an
> example of what you want.
> 
> R|R|1586714402.00|routeviews|route-views.eqix|||2914|206.126.236.12|103.148.41.0/24|206.126.236.12|2914
>  58717 134371 134371 134371 134371 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076 140076 140076 140076 140076 140076 140076 140076 
> 140076|140076|2914:410 2914:1405 2914:2406 2914:3400||

aut-num:AS140076
as-name:MIS-AS-AP
descr:  Mir Internet Service
country:BD
org:ORG-MIS3-AP
admin-c:MISA2-AP
tech-c: MISA2-AP
mnt-by: APNIC-HM
mnt-irt:IRT-MIS-BD
mnt-routes: MAINT-MIS-BD
mnt-lower:  MAINT-MIS-BD
last-modified:  2020-01-31T06:35:38Z
source: APNIC

actually, an example of what none of us wants :)

it seems a lot of folk think prepending acrually works.

thanks

Re: attribution

2020-04-13 Thread Sandra Murphy 
I’m using CAIDA’s bgpreader and this one looks like it might be an example of 
what you want.

R|R|1586714402.00|routeviews|route-views.eqix|||2914|206.126.236.12|103.148.41.0/24|206.126.236.12|2914
 58717 134371 134371 134371 134371 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 140076 
140076 140076 140076 140076 140076 140076 140076 140076 140076|140076|2914:410 
2914:1405 2914:2406 2914:3400||

—Sandy

> On Apr 13, 2020, at 3:17 PM, Randy Bush  wrote:
> 
> Apr 12 17:57:42 r0.iad rpd[1752]: Prefix Send failed ! 103.148.41.0/24 
> bgp_rt_trace_too_big_message:1209 path attribute too big. Cannot build update.
> 
> so some idiot is barfing out a ridiculous as_path.  dear lazynet, is
> there an easy way to get attribution for this stupidity?  i.e. the
> as_path.
> 
> e.g. a nice query to ris or rv given the prefix, 103.148.41.0/24, and
> the uct time, Apr 12 17:57:42.
> 
> randy