[rbak-nsp] today's BGP issue...
Olivier Benghozi
olivier.benghozi at wifirst.fr
Fri Dec 2 07:47:28 EST 2011
What about asking an upstream provider to accept incoming ORF?
While it doesn't prevent the session to flap, it allows you to put a filter on your side (once you decode your show bgp malformed update result) that would be automatically applied by your provider towards you.
Being able to filter without resorting to a support zombie looks relevant to me...
regards,
Olivier Benghozi
Wifirst
Le 2 déc. 2011 à 13:22, Marcin Kuczera a écrit :
> Voigt, Thomas wrote:
>> Hi all,
>> Jeff Tantsura wrote:
>>
>>> Why don't you read RFC4271, the only method to notify a peer about
>> error condition is to send a Notification and reset the session.
>> After doing some reading the mentioned RFCs and drafts i see that this is also a strict RFC behaviour in SEOS.
>> But instead of waiting until it is implemented in SEOS, how can we protect our routers against those malformed updates in the future?
>> Has anyone found a solution for this?
>> --
>> Greetings from Weimar
>> Thomas Voigt
>> p.s.:
>> We had the same problem hiere with SEOS 6.4.1.2.
>
> 1. Use 6.2.1.4 - no aggregator/AS0 sanity checks implemented here (but route servers need to prepend)
> 2. Ask your upstream provider to clean up all communities on link towards you.
> 3. Ask your upstream provider to send you only default route.
>
> Regards,
> Marcin
> _______________________________________________
> redback-nsp mailing list
> redback-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/redback-nsp
More information about the redback-nsp
mailing list