[j-nsp] What does AS path attribute problem mean?

Jared Mauch jared at puck.nether.net
Fri Sep 9 13:07:38 EDT 2011 

	Well, the update is well formatted and proper, the handling in JunOS is buggy.  You don't want to just blackhole unkown items like this as you can
create a significant problem for others similar to the bogon problems
that exist.

	This type of a fix is ONLY a short term fix to workaround your buggy
software.

	- Jared

On Fri, Sep 09, 2011 at 12:58:36PM -0400, Andrew Parnell wrote:
> We noticed this as well on a couple of our M7i running 9.x series
> code, but not on others running 10.x.  This is being caused by a
> particular prefix (212.118.142.0/24):
> 
> rpd[5239]: xx.xx.253.192 (Internal AS xx) Received BAD update for
> family inet-unicast(1), prefix 212.118.142.0/24
> 
> The easy solution is to simply filter out the offending prefix.  There
> are many ways this can be done, but the following did the trick for
> us:
> 
> policy-options {
>     prefix-list bad-prefixes {
>         212.118.142.0/24;
>     }
>     policy-statement BGP-Import {
>         term block-bad-prefixes {
>             from {
>                 prefix-list bad-prefixes;
>             }
>             then reject;
>         }
> }
> 
> Apply something like this to your BGP import and/or export policy as
> appropriate and you should be fine.
> 
> Andrew
> 
> On Fri, Sep 9, 2011 at 11:41 AM, Markus <universe at truemetal.org> wrote:
> > All of a sudden without changing anything in the config I'm getting the
> > following on a M7i running 8.0R2.8:
> >
> > rpd[3019]: bgp_read_v4_update: NOTIFICATION sent to 89.146.xx.49 (External
> > AS xxxx): code 3 (Update Message Error) subcode 11 (AS path attribute
> > problem)
> >
> > The other end (Cisco) is getting:
> >
> > %BGP-3-NOTIFICATION: received from neighbor 89.146.xx.50 3/11 (invalid or
> > corrupt AS path) 0 bytes
> >
> > This is causing the BGP session to flap. It happens at arbitrary intervals,
> > sometimes once a minute, sometimes just once in an hour. CFEB and RE CPU are
> > at steady 100% when it happens.
> >
> > What can I do about this and what could be the cause? Help! :)
> >
> > Thanks!
> > Markus
> >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
> > ______________________________________________________________________
> > This email has been scanned by the MessageLabs Email Security System.
> > For more information please visit http://www.messagelabs.com/email
> > ______________________________________________________________________
> >
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

More information about the juniper-nsp mailing list