[nsp-sec-jp] Long community list
Taka Mizuguchi
taka @ ntt.net
2007年 11月 1日 (木) 07:33:47 EDT
NSP-SEC-JP�$B3F0L!"�(B
10/29�$B!!�(BGMT�$B:"$+$i!"�(BLong BGP community�$BIU$-$N7PO)$,9-9p$5$l$?$H$$$&�(B
�$BJs9p$,$"$j$^$9!#�(B
�$B0JA0!"�(BLong AS-PATH�$B$G�(BCisco�$B%k!<%?$KLdBj$,=P$?$N$r5-21$7$F$$$kJ}$b�(B
�$BB?$$$H;W$$$^$9$,!"F1$8$h$&$K!"�(BCisco�$B$N%a%b%j$G�(Bmalloc�$B$N%(%i!<$,=P$F�(B
�$B$$$k$H$$$&Js9p$G$9!#�(B
�$B3'MM$N%k!<%?$G$b!"�(BNeighbor�$B$+$i$N�(BBGP community�$B$r<u$1F~$l$F$$$k>l9g�(B
�$B$O!"Cm0U$7$F8+$F$/$@$5$$!#�(B
�$B$^$?!"�(BCisco�$B$NJ}$KJ9$-$?$$$N$G$9$,!"�(BCisco�$B$N%k!<%?$G�(BLong community
�$B$r�(BFilter�$B$9$k%3%^%s%I$J$I$"$j$^$9$+!)�(B
-----
�$BC/$+0J2<$N%m%0$N$h$&$J$b$N$r8+$?$3$H$,$"$j$^$9$+!)�(B
10/29�$B!!�(B17:48�$B!J�(BJST�$B!K$KH/@8$7$F$$$^$9!#�(B.
Oct 29 16:48:07 router1 408: 29 16:48:06.213 %BGP-6-BIGCHUNK: Big chunk
pool request (264) for community. Replenishing with malloc Oct 29
16:48:07 router2 5165: 29 16:48:06.297 %BGP-6-BIGCHUNK: Big chunk pool
request (264) for community. Replenishing with malloc Oct 29 16:48:07
router3 1103: 29 16:48:06.474 %BGP-6-BIGCHUNK: Big chunk pool request
(264) for community. Replenishing with malloc
BGP�$B$N�(BLong AS-PATH�$B$r�(BFilter�$B$G$-$k$3$H$OCN$C$F$$$k$N$G$9$,!"F1$8$h$&$J�(B
�$B%3%^%s%I$G!"D9$$�(Bcommunity�$B$r�(BFilter�$B$9$k%3%^%s%I$O$"$j$^$9$+!)�(B
-----
�$BCN$i$J$$!#�(B7600�$B!\�(BSUP720-3BXL�$B$G�(B12.2(18)SXE6b�$B$K$O$J$$!#�(B
-----
�$B$b$7!"M=A[30$ND9$$�(Bcommunity�$BLdBj$,$"$k$J$i!"Aw$j @ h$N�(Bpeering�$B!!�(BAS�$B$K�(B
�$BLd$$9g$o$;$F!"�(Bcommunity�$B$rAw$i$J$$$h$&$K$*4j$$$9$Y$-!#$=$l$G!"$3$N�(BAS
�$B$+$i$N7PO)$K$O!"�(Bcommunity�$B$,>C$($k!#�(B
AS�$B4V�(Bpeering�$B$G$O!"DL>o!"�(Bcommunity�$B$N8r49$OI,MW$J$$!#�(BISP�$B$,7PO)>pJs$KIU$1$F�(B
�$B$/$k$9$Y$F$N�(BFlag�$B$r8+$kI,MW$O$J$$!#�(B
�$BB>$K!"$"$J$?$N%k!<%?$N%a%b%j$,ITB-$7$F$$$k!#$3$l$i$N%(%i!<%a%C%;!<%8$O�(B
Cisco�$B$N�(B256M�$B!!�(BRAM�$B$H%U%k%k!<%F%#%s%0%F!<%V%k$r@)8f$7$F$$$k$3$H$+$iMh$F$$$k!#�(B
Forwarded by Taka Mizuguchi <taka @ ntt.net>
----------------------- Original Message -----------------------
Communities are sent to you. So, if you have some issues with
outrageously long community strings. You should ask the AS that you
received the route from to change the peering session to not send
community to you. Then routes from this AS will have no communities
applied, unless you throw some on there yourself.
Most inter-AS peering relationships should not need to exchange
communities anyways. You don't really need to see all the garbage flags
some providers install onto their routing information.
On another note. You may just be running out of memory on your router.
These kinds of error messages spring up on Cisco's that only have 256meg
of ram and are attempting to handle a full Internet routing table.
Regard
Ron Johnson
-----Original Message-----
Hi,
Anyone seen something like this? Happened around 16:48 (+8 GMT).
Oct 29 16:48:07 router1 408: 29 16:48:06.213 %BGP-6-BIGCHUNK: Big chunk
pool request (264) for community. Replenishing with malloc Oct 29
16:48:07 router2 5165: 29 16:48:06.297 %BGP-6-BIGCHUNK: Big chunk pool
request (264) for community. Replenishing with malloc Oct 29 16:48:07
router3 1103: 29 16:48:06.474 %BGP-6-BIGCHUNK: Big chunk pool request
(264) for community. Replenishing with malloc
I know we can filter bgp routes with excessively long AS_PATH, but are
there similar commands to filter excessively long community?
-----
Taka Mizuguchi
taka @ ntt.net
nsp-security-jp メーリングリストの案内