Building Network Automation Solutions
6 week online course starting in September 2017

Another BGP near-miss

A week ago AS13214 experienced internal problems and started readvertising all BGP routes (the whole Internet) as part of its autonomous system (AS). A similar incident occurred last November. In both cases, the problem did not spread very far, which indicates that the major ISPs have implemented BGP filters and prefix limits.

One can only hope that every ISP in the world would have done the same. If you’re an ISP and you haven’t configured the BGP maximum prefix feature on your customer BGP sessions yet, please do so ASAP. A good starting point would be a configuration example provided by Cisco (it’s also accessible from the Service Provider Security Best Practices).

0 comments:

Post a Comment

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.