I thought AS5397 said it was a limited test back in Feb 2005?

[Daniel Roesen]

On Fri, Apr 22, 2005 at 11:15:42AM -0400, Joe Abley wrote:
> People have been prepending other peoples' AS numbers into their  
> advertisements as a coarse inter-domain traffic engineering tool for  
> years. It has been described in NANOG tutorials on inter-domain  
> traffic engineering. It's old news. Is this really that different?

Yes, as we're talking about artificially large AS_SETs, not some random
triple-prepend. Doing TE with dirty (foreign ASN) prepends is a
different matter. My fear is that artifically large AS_SETs might
trigger buffer overflows and thus memory corruption, where the result
(misbehaviour, crashes) is not necessarily correlable to those
announcements because it might take hours, days or weeks to actually
have an adverse effect.

Lorenzo said it was tested before. With which gear of which vendors, and
which OS software releases? Did those test devices run long enough to
see the fallout of possible buffer overflow memory corruption?

And I have a problem with them ceasing the experimentation in IPv4, but
continuing in IPv6 world (with it's unmature IPv6 BGP implementations of
e.g. IOS which sometimes just forgets to forward/send withdrawl e.g.).

> AS_PATH is a loop detection mechanism, not some kind of legal  
> endorsement of packet contents.

Artificial other-people-ASN prepends are certainly NOT helpful when
troubleshooting BGP routing.

Joe, I see where you're coming from. Still it's a difference of using
things the "normal" way or "going where noone has gone before
(exaggaration of course) and seeing what'll happen".

IMHO. YMMV.


Best regards,
Daniel

-- 
CLUE-RIPE -- Jabber: dr at cluenet.de -- dr at IRCnet -- PGP: 0xA85C8AA0