Hi Bill, Could you list which prefix(es) you saw were being announced with these long AS paths?
Mark On Sat, Sep 30, 2017 at 6:29 PM, William Herrin <b...@herrin.us> wrote: > To the chucklehead who started announcing a 2200+ byte AS path yesterday > around 18:27 EDT, I beg of you: STOP. You've triggered a bug in Quagga > that's present in all versions released in the last decade. Your > announcement causes routers based on Quagga to send a malformed update to > their neighbors, collapsing the entire BGP session. Every 30 seconds or so. > > For everyone else: please consider filtering BGP announcements with > stupidly long AS paths. There's no need nor excuse for them to be present > in the DFZ and you could have saved me a painful Saturday. > > Cisco: > > router bgp XXX > bgp maxas-limit 50 > > > Juniper: > https://kb.juniper.net/InfoCenter/index?page=content&id=KB29321 > > > Quagga: > > ip as-path access-list maxas-limit50 deny ^([{},0-9]+ ){50} > ip as-path access-list maxas-limit50 permit .* > > > Regards, > Bill Herrin > > > -- > William Herrin ................ her...@dirtside.com b...@herrin.us > Dirtside Systems ......... Web: <http://www.dirtside.com/> >
