[AusNOG] Optus downtime chat + affecting SMS verification toTelstra?

John Edwards jaedwards at gmail.com
Tue Nov 14 13:27:13 AEDT 2023


The default behaviour of the "maximum prefix" BGP feature is to bring down
the BGP session with the peer.

The alternate behaviour is to log a warning and accept a prefix.

I am not aware of an implementation that just allows "Accept up to X routes
and then don't accept any more".

That sounds logical but in reality would lead to inconsistent behaviour
that is more readily addressed with existing routing policy tools.

It appears that a failure of routing policy was a major contributor to an
Optus outage, where that policy had an assumption of trusting internal
peers and the fault was exacerbated by some mechanism where a policy
failure was able to impact other logical networks on the same device
(assuming there is/was more than 1 logical network).

Or maybe someone just leaked full routes into OSPF 🫠

John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20231114/c56cd164/attachment.htm>


More information about the AusNOG mailing list