Sent from my iPhone
On 4 Nov 2015, at 08:43, James Bensley
<[email protected]<mailto:[email protected]>> wrote:
On 31 Oct 2015 13:17, "Neil J. McRae" <[email protected]<mailto:[email protected]>>
wrote:
>
> +1 - you can filter ASes but someone can still send a crazy as path with
> valid ASes and cause you chaos.
>
> Neil.
>
> Sent from my iPad
Are you suggesting that people shouldn't filter as-paths? Presumably you
wouldn't be that stupid so I'll assume not, so yes whilst people can still send
funky AS paths the same is true for any BGP attribute, all I need is to receive
a value out of range for the code I'm running and/or receive a malford NLRI to
trigger a router OS bug and, pop!
Surely at least trying to protect your own network is better than not trying
given how easy it is to implement AS paths filters?
Yes I am the stupid. I'd rather filter prefixes. I only use AS paths for metric
and distance and even then use that with lots of salt - and for limited periods
of time; as salt carries a big health warning - far to much chaos in the
routing table today and keeping it simple reduces the failure rate far more
than than lots of complicated config but YMMV.
Regards
Neil
