Re: BGP route hijack by AS10990

[Sabri Berisha <sabri () cluecentral net>]

----- On Aug 1, 2020, at 12:50 PM, Nick Hilliard nick () foobar org wrote:

Hi,

> Sabri Berisha wrote on 01/08/2020 20:03:
> > but because Noction's decision to not enable NO_EXPORT by default
>
> the primary problem is not this but that Noction reinjects prefixes into
> the local ibgp mesh with the as-path stripped and then prioritises these
> prefixes so that they're learned as the best path.

Yeah, but that's not problem as far as I'm concerned. Their network, 
their rules. I've done weirder stuff than that, in tightly controlled
environments.

> The as-path is the primary loop detection mechanism in eBGP.  Removing
> this is like hot-wiring your electrical distribution board because you
> found out you could get more power if you bypass those stupid RCDs.

Well, let's be honest. Sometimes we need to get rid of that pesky mechanism.
For example, when using BGP-as-IGP, the "allowas-in" disregards the as-path,
in a controlled manner (and yes, I know, different use case).

My point is that there can be operational reasons to do so, and whatever
they wish to do on their network is perfectly fine. As long as they don't
bother the rest of the world with it. 

Thanks,

Sabri