Lots of prepends - AS20912 case

The long (176) AS20912 prepend incident was due to a misconfiguration of a BGP router we were testing.

         The problem is that differently to Cisco the syntax of the prepend field on this system is not a string (eg. "20912 20912 20912") but an integer, that the user interface _should_ limit to the interval 0-16.

         Unfortunately something has gone wrong with the syntax checker so you can enter a number (the number entered, thinking to Cisco syntax, was 20912) and the software interpreted it as the request of 20912 prepends... (0x51B0), dropped the highest 8 bits and processed it as the request of 0xB0=176 prepends.

         The producer has been warned about the problem, which I can't completely define as a "bug"... but the lack of a user configuration helper (syntax checker).

         I think that the case of AS47868 is the same, because I see the modulo was involved too.

         Many thanks to one of our upstream providers for their support.

Hi all,

I can only confirm that AS47868 is using also Mikrotik as their border BGP router

Tomas

Giuliano Peritore wrote:

       The problem is that differently to Cisco the syntax of the prepend field on this system is not a string (eg. "20912 20912 20912") but an integer, that the user interface _should_ limit to the interval 0-16.

...

       The producer has been warned about the problem, which I can't completely define as a "bug"... but the lack of a user configuration helper (syntax checker).

More important than whether or not to consider this a bug, it seems a very shortsighted way to support prepending. If your prepend "field" is an integer controlling how many times to prepend, how do you control which ASN(s) or even AS Paths are prepended? It sounds like you probably can't. As has been discussed recently, there are cases where you might want to prepend a creative AS Path for traffic engineering purposes to force certain routes/paths to be ignored by certain ASNs.

Replacing what is conventionally thought to be a string with an integer
multiplier seems a massive violation of the principle of least astonishment.

On a Cisco running 12.0S:

route-map test1
set as-path prepend last-as ?
   <1-10> number of last-AS prepends

Cisco seems to be doing more sensible limits, but I do agree that the feature makes sense.

There are two ways of handling when someone puts in a very high number to number of prepends:

1. Say "out of limit" and disallow it in the config checker.
2. Actually prepend the number of times specified.

The option done here:

3. Prepend number of times entered modulo 256, is just broken.

In v3.20 of RouterOS (Mikrotik) it seems to be fixed (haven't checked earlier releases), so they must have been running an old version of RouterOS if that was the platform they were using in this case, that I think someone was indicating.

[admin@router1] /routing filter> set 1 set-bgp-prepend=20912
value of set-bgp-prepend out of range (0..16)

[admin@router1] /routing filter> set 1 set-bgp-prepend=17
value of set-bgp-prepend out of range (0..16)

I think having an option to prepend the AS-PATH with an integer multiplier is pretty convenient, just as they have checks like bgp-as-path-length=0 to check the length of AS-PATHs without writing regexps. But there should of course also be normal text prepends and regexp checks. With a check that no more than 16 are added, like the current version enforces, mistakes like this shouldn't be possible.

It's just a personal opinion, but I would think that if someone is going to
make the rest of the net suffer the ugliness of a nnnnn nnnnn nnnnn nnnnn
nnnnn nnnnn nnnnn nnnnn nnnnn nnnnn nnnnn nnnnn prepend, then it's not
unreasonable they should have to look at the ugliness in their config file
as well :) The use of a multiplier just makes it too painless to inflict
all that ugliness on everyone else without having to look at it first...

From the end-user perspective, it makes sense to make the "prepend"
parameter an integer. The only thing an end-user really needs is routing
policy (primary/backup selection) and sometimes AS path prepending is the
only solution. Allowing them to insert third-party AS numbers into the AS
path increases their confusion (assuming they were never exposed to Cisco
IOS). Obviously, the number of prepends has to be limited to something
sensible (10 seems a good number, and it looks like Mikrotik has implemented
that restriction).

The "set as-path prepend last-as" is a completely different story; it's used
to do proxy prepending for your customers.

Ivan Pepelnjak

If we really want bgp for idiots, perhaps a checkbox for "make this
(slightly,more,greatly) less preferred for incoming traffic" would do the
job :)

Then again, perhaps people who want the results of their local configuration
distributed to the ends of the earth should at least read a book or two...

-Dorn

Hi,

.-- My secret spy satellite informs me that at Fri, 20 Feb 2009, Giuliano Peritore wrote:

        I think that the case of AS47868 is the same, because I see the
modulo was involved too.

For those interested, I made an overview of longest AS paths observed per day, starting with February 1st.

I added a feature that checks if number of prepends matches the low-order 8 bits of the offending AS number.
Indicating that it's likely caused by the same Mikrotik bug/feature.

The list can be found here:
http://bgpmon.net/maxASpath.php

Interesting is that the first time this was observed was actually on February
9th (251 prepends by AS45307). Apparently the impact was not as widespread as
this week.

Cheers,
Andree
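
The low-order-8-bits check described in the message above, together with the range check and the truncation discussed earlier in the thread, as an added example (not bgpmon's code and not part of any post). The function names are hypothetical, the sample paths are constructed, and 64500/64501 are documentation ASNs standing in for upstreams.

```python
from itertools import groupby

MAX_PREPENDS = 16  # limit quoted in the thread (0..16)

def truncated_prepends(requested: int) -> int:
    """Behaviour described in the thread: only the low 8 bits are kept."""
    return requested & 0xFF

def validate_prepends(requested: int) -> int:
    """Reject an out-of-range count instead of silently truncating it."""
    if not 0 <= requested <= MAX_PREPENDS:
        raise ValueError(
            f"prepend count {requested} out of range (0..{MAX_PREPENDS})")
    return requested

def longest_run(as_path: str):
    """Return (asn, occurrences) for the longest run of one repeated ASN."""
    tokens = [int(t) for t in as_path.split() if t.isdigit()]
    runs = [(asn, len(list(group))) for asn, group in groupby(tokens)]
    return max(runs, key=lambda run: run[1]) if runs else (None, 0)

def looks_like_low_byte_bug(as_path: str) -> bool:
    """True when an over-long prepend run equals the ASN's low-order byte."""
    asn, occurrences = longest_run(as_path)
    if asn is None or occurrences <= MAX_PREPENDS + 1:
        return False  # within what a correctly limited router could send
    low_byte = asn & 0xFF
    # Assumption: a report may count prepends or total occurrences of the
    # ASN (prepends + 1), so both readings are accepted.
    return low_byte in (occurrences, occurrences - 1)

def build_path(upstreams, origin: int, prepends: int) -> str:
    """Constructed AS path: upstreams, then origin once plus its prepends."""
    return " ".join(str(a) for a in list(upstreams) + [origin] * (prepends + 1))

if __name__ == "__main__":
    samples = {  # constructed sample paths, not observed routing data
        "AS20912 truncated": build_path([64500, 64501], 20912,
                                        truncated_prepends(20912)),
        "AS45307 truncated": build_path([64500], 45307,
                                        truncated_prepends(45307)),
        "ordinary 3 prepends": build_path([64500], 64496, 3),
        "long, unrelated": build_path([64500], 64496, 100),
    }
    for label, path in samples.items():
        asn, count = longest_run(path)
        print(f"{label}: AS{asn} x{count} "
              f"low-byte match={looks_like_low_byte_bug(path)}")
```
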