This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
look for BGP routes containing local AS#
- Previous message (by thread): look for BGP routes containing local AS#
- Next message (by thread): RIPE 70 Registration is Now Open!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jamie Stallwood
Jamie.Stallwood at imerja.com
Tue Jan 27 15:31:53 CET 2015
This can happen. Say you are AS1. You have an end customer on AS2 and peer with core sites AS3 and AS4. From the link to AS4 you may see your customer prefixes with the path 3,4,1,2. -- Jamie Stallwood Security Specialist Imerja Limited M: 07795 840385 Sent from mobile secured by Good (www.good.com) -----Original Message----- From: Song Li [refresh.lsong at gmail.com] Sent: Tuesday, January 27, 2015 02:24 PM GMT Standard Time To: carlos at lacnic.net; ripe-list at ripe.net Subject: Re: look for BGP routes containing local AS# not necessary, it can appear in any place in the received AS-PATH. regards Song 在 2015/1/27 22:20, Carlos M. Martinez 写道: > Is 'local as' the same as the origin-as ? That is, the first item in the > AS-PATH list ? > > regards > > Carlos > > On 1/27/15 12:16 PM, Song Li wrote: >> For example, My AS# is 23910 and the 'local AS' is 23910. If our BGP >> router received a route from the BGP neighbor AS1 with the AS-PATH: 1 .* >> 23910, then the route is what we are looking for. >> >> 在 2015/1/27 22:05, Carlos M. Martinez 写道: >>> Can you clarify what do you mean by 'local AS' ? >>> >>> regards >>> >>> Carlos >>> >>> On 1/27/15 11:48 AM, Song Li wrote: >>>> Hi everyone, >>>> >>>> Recently I studied the BGP AS path looping problem, and found that in >>>> most cases, the received BGP routes containing local AS# are suspicious. >>>> However, we checked our BGP routing table (AS23910,CERNET2) on juniper >>>> router(show route hidden terse aspath-regex .*23910.* ), and have not >>>> found such routes in Adj-RIB-In. >>>> >>>> We believe that the received BGP routes containing local AS# are related >>>> to BGP security problem. Hence, we want to look for some real cases in >>>> the wild. Could anybody give us some examples of such routes? >>>> >>>> Thanks! >>>> >>>> Best Regards! >>>> >> >> -- Song Li Room 4-204, FIT Building, Network Security, Department of Electronic Engineering, Tsinghua University, Beijing 100084, China Tel:( +86) 010-62446440 E-mail: refresh.lsong at gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/ripe-list/attachments/20150127/e6e7fb5f/attachment.html>
- Previous message (by thread): look for BGP routes containing local AS#
- Next message (by thread): RIPE 70 Registration is Now Open!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]