[c-nsp] Cogent IOS upgrade == BGP-3, "update malformed"
Gert Doering
gert at greenie.muc.de
Mon Aug 23 03:03:32 EDT 2010
Hi,
On Sun, Aug 22, 2010 at 05:23:56PM -0600, randal k wrote:
> > http://www.ciscosystems.com/en/US/docs/ios/12_0s/feature/guide/s_befasp.html
> > no bgp enforce-first-as under your BGP config (or turning it on)
> > I seem to remember a bug related to that. Not at the office or near a
> > router to check exactly which it was but had a similar problem albeit with
> > another provider.
>
> No dice. Still died, same error, right at 70k routes. Thanks for the input
> though, I thought that first-as-hop *HAD* to match the remote AS; good to
> know that it doesn't!
On a normal customer-transit provider session, if it doesn't matches, it's
"something funny going on" - bug or malicious activity.
This is mainly used for peering point route-servers, where the route-server
will hand around AS paths from "peer X" to "peer Y" without introducing
the route server AS - so there, it will fail with "enforce-first-as"
(this is done to avoid making the AS path via the RS longer/different than
via direct peering)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20100823/b7eaa823/attachment.bin>
More information about the cisco-nsp
mailing list