routing-wg
Threads by month
- ----- 2024 -----
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- 5 participants
- 3290 discussions
Dear colleagues,
You might find this new RIPE Labs article interesting: "Visibility of
Prefix Lengths in IPv4 and IPv6"
http://labs.ripe.net/Members/dbayer/visibility-of-prefix-lengths
Kind regards,
Mirjam Kuehne
RIPE NCC
1
0
This report has been generated at Fri Oct 7 21:12:24 2011 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date Prefixes CIDR Agg
30-09-11 377480 221922
01-10-11 377431 221793
02-10-11 377430 221822
03-10-11 377808 221722
04-10-11 377724 221790
05-10-11 377891 222102
06-10-11 378031 221892
07-10-11 378198 221924
AS Summary
39061 Number of ASes in routing system
16522 Number of ASes announcing only one prefix
3552 Largest number of prefixes announced by an AS
AS6389 : BELLSOUTH-NET-BLK - BellSouth.net Inc.
108295136 Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 07Oct11 ---
ASnum NetsNow NetsAggr NetGain % Gain Description
Table 378306 221924 156382 41.3% All ASes
AS6389 3552 225 3327 93.7% BELLSOUTH-NET-BLK -
BellSouth.net Inc.
AS18566 1915 380 1535 80.2% COVAD - Covad Communications
Co.
AS4766 2493 973 1520 61.0% KIXS-AS-KR Korea Telecom
AS22773 1458 110 1348 92.5% ASN-CXA-ALL-CCI-22773-RDC -
Cox Communications Inc.
AS4755 1541 232 1309 84.9% TATACOMM-AS TATA
Communications formerly VSNL
is Leading ISP
AS4323 1628 396 1232 75.7% TWTC - tw telecom holdings,
inc.
AS1785 1833 783 1050 57.3% AS-PAETEC-NET - PaeTec
Communications, Inc.
AS28573 1369 325 1044 76.3% NET Servicos de Comunicao S.A.
AS19262 1394 400 994 71.3% VZGNI-TRANSIT - Verizon Online
LLC
AS7552 1394 424 970 69.6% VIETEL-AS-AP Vietel
Corporation
AS10620 1680 773 907 54.0% Telmex Colombia S.A.
AS7303 1164 321 843 72.4% Telecom Argentina S.A.
AS18101 953 155 798 83.7% RELIANCE-COMMUNICATIONS-IN
Reliance Communications
Ltd.DAKC MUMBAI
AS24560 1180 411 769 65.2% AIRTELBROADBAND-AS-AP Bharti
Airtel Ltd., Telemedia
Services
AS8151 1414 650 764 54.0% Uninet S.A. de C.V.
AS4808 1074 335 739 68.8% CHINA169-BJ CNCGROUP IP
network China169 Beijing
Province Network
AS30036 1385 681 704 50.8% MEDIACOM-ENTERPRISE-BUSINESS -
Mediacom Communications Corp
AS7545 1608 932 676 42.0% TPG-INTERNET-AP TPG Internet
Pty Ltd
AS14420 756 91 665 88.0% CORPORACION NACIONAL DE
TELECOMUNICACIONES - CNT EP
AS3356 1102 450 652 59.2% LEVEL3 Level 3 Communications
AS17974 1962 1312 650 33.1% TELKOMNET-AS2-AP PT
Telekomunikasi Indonesia
AS4804 707 89 618 87.4% MPX-AS Microplex PTY LTD
AS8402 1406 792 614 43.7% CORBINA-AS OJSC "Vimpelcom"
AS17676 674 70 604 89.6% GIGAINFRA Softbank BB Corp.
AS20115 1593 989 604 37.9% CHARTER-NET-HKY-NC - Charter
Communications
AS22561 965 362 603 62.5% DIGITAL-TELEPORT - Digital
Teleport Inc.
AS3549 1052 450 602 57.2% GBLX Global Crossing Ltd.
AS22047 579 33 546 94.3% VTR BANDA ANCHA S.A.
AS7011 1167 643 524 44.9% FRONTIER-AND-CITIZENS -
Frontier Communications of
America, Inc.
AS17488 908 401 507 55.8% HATHWAY-NET-AP Hathway IP Over
Cable Internet
Total 41906 14188 27718 66.1% Top 30 total
Possible Bogus Routes
5.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
5.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
5.1.24.0/24 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
10.86.64.32/30 AS65530 -Private Use AS-
10.86.64.36/30 AS65530 -Private Use AS-
10.86.65.32/30 AS65530 -Private Use AS-
10.86.65.36/30 AS65530 -Private Use AS-
10.255.255.0/30 AS65530 -Private Use AS-
10.255.255.4/30 AS65530 -Private Use AS-
10.255.255.8/30 AS65530 -Private Use AS-
41.222.79.0/24 AS36938 AMSCOTELECOMS Amsco Telecommunications Nigeria Limited
41.223.92.0/22 AS36936 CELTEL-GABON Celtel Gabon Internet Service
62.61.220.0/24 AS24974 TACHYON-EU Tachyon Europe BV
62.61.221.0/24 AS24974 TACHYON-EU Tachyon Europe BV
64.21.192.0/20 AS11610 INETNEBR-1 - Internet Nebraska Corporation
64.21.212.0/22 AS11610 INETNEBR-1 - Internet Nebraska Corporation
64.21.216.0/21 AS11610 INETNEBR-1 - Internet Nebraska Corporation
66.171.32.0/20 AS705 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
66.180.239.0/24 AS35888 VIGNETTE - VIGNETTE CORPORATION
66.206.47.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
66.207.32.0/20 AS23011
66.245.176.0/20 AS19318 NJIIX-AS-1 - NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC
69.6.80.0/24 AS13442
71.19.134.0/23 AS3313 INET-AS BT Italia S.p.A.
80.88.10.0/24 AS33774 DJAWEB
110.34.44.0/22 AS12653 COMTONET KB Impuls Hellas
116.206.72.0/24 AS6461 MFNX MFN - Metromedia Fiber Network
116.206.85.0/24 AS6461 MFNX MFN - Metromedia Fiber Network
116.206.103.0/24 AS6461 MFNX MFN - Metromedia Fiber Network
117.120.56.0/21 AS4755 TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
121.46.0.0/16 AS4134 CHINANET-BACKBONE No.31,Jin-rong Street
128.65.144.0/21 AS12886 LEWTELNET LEWTelNet GmbH
128.65.208.0/20 AS34309 LINK11 Link11 GmbH
142.54.0.0/19 AS23498 CDSI - Cogeco Data Services Inc.
172.102.0.0/22 AS4812 CHINANET-SH-AP China Telecom (Group)
185.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
185.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
185.24.0.0/24 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
190.102.32.0/20 AS30058 FDCSERVERS - FDCservers.net
190.104.32.0/21 AS27882 Telefónica Celular de Bolivia S.A.
193.111.87.0/24 AS24812
200.6.93.0/24 AS6400 Compañía Dominicana de Teléfonos, C. por A. - CODETEL
200.6.94.0/24 AS6400 Compañía Dominicana de Teléfonos, C. por A. - CODETEL
200.6.95.0/24 AS6400 Compañía Dominicana de Teléfonos, C. por A. - CODETEL
200.23.84.0/24 AS8151 Uninet S.A. de C.V.
200.24.73.0/24 AS26061 Equant Colombia
200.24.78.0/26 AS3549 GBLX Global Crossing Ltd.
200.24.78.64/26 AS3549 GBLX Global Crossing Ltd.
200.33.40.0/24 AS11172 Alestra, S. de R.L. de C.V.
200.34.0.0/20 AS6342 Instituto Tecnológico y de Estudios Superiores de Monterrey
200.53.0.0/19 AS13878 Diveo do Brasil Telecomunicacoes Ltda
202.1.224.0/24 AS10097 FLOWCOM Flow Communications 2/541 Kent St Sydney NSW 2000
202.9.55.0/24 AS2764 AAPT AAPT Limited
202.9.57.0/24 AS2764 AAPT AAPT Limited
202.58.113.0/24 AS19161
202.61.75.0/24 AS9927 PHILCOMNET-PH A Multihomed ISP Company
202.74.232.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.74.233.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.83.120.0/21 AS37972
202.83.124.0/24 AS37972
202.83.125.0/24 AS37972
202.83.126.0/24 AS37972
202.94.1.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.133.70.0/24 AS38616 WORLDCALL-AS-KHI Worldcall Telecom Limited
202.160.152.0/22 AS10113 DATAFAST-AP DATAFAST TELECOMMUNICATIONS LTD
202.174.125.0/24 AS9498 BBIL-AP BHARTI Airtel Ltd.
202.176.1.0/24 AS9942 COMINDICO-AP SOUL Converged Communications Australia
202.179.131.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.179.134.0/24 AS23966 LDN-AS-PK LINKdotNET Telecom Limited
202.179.144.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
203.23.1.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.24.38.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.30.127.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.86.0/23 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.86.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.87.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.188.0/24 AS1221 ASN-TELSTRA Telstra Pty Ltd
203.142.219.0/24 AS45149
203.175.107.0/24 AS45595 PKTELECOM-AS-PK Pakistan Telecom Company Limited
205.150.0.0/15 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
205.175.214.0/24 AS5583 ORANGE-BUSINESS-SERVICES-BENELUX Orange Business Services (formerly Equant) AS for BENELUX
205.207.148.0/23 AS812 ROGERS-CABLE - Rogers Cable Communications Inc.
206.123.129.0/24 AS10790 INREACH-AS - InReach Internet
206.180.240.0/20 AS12083 KNOLOGY-NET - Knology Holdings
206.197.184.0/24 AS23304 DATOTEL-STL-AS - Datotel LLC, a NetLabs LLC Company
207.174.131.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.132.0/23 AS26116 INDRA - Indra's Net Inc.
207.174.152.0/23 AS26116 INDRA - Indra's Net Inc.
207.174.154.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.155.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.200.0/24 AS22658 EARTHNET - Earthnet, Inc.
207.174.248.0/21 AS6653 PRIVATEI - privateI, LLC
207.231.96.0/19 AS11194 NUNETPA - NuNet Inc.
208.83.53.0/24 AS40569 YGOMI-AS - Ygomi LLC
209.148.64.0/19 AS13773 TELNETCOMM - Telnet Communications
209.177.64.0/20 AS6461 MFNX MFN - Metromedia Fiber Network
209.213.0.0/20 AS33005 ELTOPIA - Eltopia.com, LLC
210.56.150.0/23 AS38138 INTECH-TRANSIT-BD InTech Online Limited, INTERNET SERVICE LIMITED
216.21.160.0/20 AS13818 PHX-INTL-TELEPORT - Phoenix International Teleport
216.58.200.0/24 AS18530 ISOMEDIA-1 - Isomedia Inc.
216.194.160.0/20 AS13818 PHX-INTL-TELEPORT - Phoenix International Teleport
Please see http://www.cidr-report.org for the full report
------------------------------------
Copies of this report are mailed to:
nanog(a)nanog.org
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
BGP Update Report
Interval: 29-Sep-11 -to- 06-Oct-11 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS9829 58237 3.6% 59.3 -- BSNL-NIB National Internet Backbone
2 - AS17451 54858 3.4% 246.0 -- BIZNET-AS-AP BIZNET ISP
3 - AS6316 31539 1.9% 1051.3 -- AS-PAETEC-NET - PaeTec Communications, Inc.
4 - AS32528 25182 1.6% 6295.5 -- ABBOTT Abbot Labs
5 - AS19201 24511 1.5% 500.2 -- ETC - Eastex Telephone Cooperative, Inc.
6 - AS14420 24093 1.5% 46.4 -- CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP
7 - AS5800 23673 1.5% 125.3 -- DNIC-ASBLK-05800-06055 - DoD Network Information Center
8 - AS4755 23483 1.4% 15.3 -- TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
9 - AS20940 21905 1.4% 300.1 -- AKAMAI-ASN1 Akamai Technologies European AS
10 - AS38040 20370 1.3% 1455.0 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
11 - AS8402 20258 1.2% 14.6 -- CORBINA-AS OJSC "Vimpelcom"
12 - AS16625 17363 1.1% 510.7 -- AKAMAI-ASN1 Akamai Technologies European AS
13 - AS9498 14569 0.9% 148.7 -- BBIL-AP BHARTI Airtel Ltd.
14 - AS16916 14530 0.9% 1816.2 -- NETLOGIC-WEST - INFINIPLEX LLC DBA NETLOGIC
15 - AS30036 13866 0.8% 29.4 -- MEDIACOM-ENTERPRISE-BUSINESS - Mediacom Communications Corp
16 - AS17974 13529 0.8% 8.4 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
17 - AS17908 13199 0.8% 16.1 -- TCISL Tata Communications
18 - AS7552 12163 0.8% 9.0 -- VIETEL-AS-AP Vietel Corporation
19 - AS31148 9911 0.6% 25.0 -- FREENET-AS FreeNet ISP
20 - AS9649 9890 0.6% 186.6 -- MOPH-TH-AP Information Technology Office
TOP 20 Unstable Origin AS (Updates per announced prefix)
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS32528 25182 1.6% 6295.5 -- ABBOTT Abbot Labs
2 - AS17408 3476 0.2% 3476.0 -- ABOVE-AS-AP AboveNet Communications Taiwan
3 - AS9562 9848 0.6% 2462.0 -- MSU-TH-AP Mahasarakham University
4 - AS16916 14530 0.9% 1816.2 -- NETLOGIC-WEST - INFINIPLEX LLC DBA NETLOGIC
5 - AS20098 1810 0.1% 1810.0 -- BCBS-AL - Blue Cross Blue Shield of Alabama
6 - AS28722 1729 0.1% 1729.0 -- ENERGETYKA-KALISKA-AS Energetyka Kaliska S.A.
7 - AS11028 1584 0.1% 1584.0 -- SETIATHOME - SETIATHOME
8 - AS38040 20370 1.3% 1455.0 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
9 - AS50660 1282 0.1% 1282.0 -- SSIF-CJ-AS SOCIETATE DE SERVICII DE INVESTITII FINANCIARE BROKER SA
10 - AS17425 7397 0.5% 1232.8 -- EPA-AS-TH Provincial Electricity Authority of Thailand.
11 - AS50975 2276 0.1% 1138.0 -- AVX_AS AVX Czech republic s.r.o
12 - AS6316 31539 1.9% 1051.3 -- AS-PAETEC-NET - PaeTec Communications, Inc.
13 - AS10099 883 0.1% 883.0 -- HKUNICOM1-AP China Unicom (Hong Kong) Operations Limited
14 - AS44025 759 0.1% 759.0 -- KAMTELEKOM-NET Kamtelekom Ltd.
15 - AS22793 729 0.0% 729.0 -- CASSOCORP - CASSO Corporation
16 - AS19725 654 0.0% 654.0 -- COHPWE - City Of Houston - Public Works
17 - AS55696 596 0.0% 596.0 -- SCOM-AS-ID Starcom Solusindo PT.
18 - AS56548 556 0.0% 556.0 -- CENTERMEDIALTD-AS CenterMedia Ltd.
19 - AS3 551 0.0% 597.0 -- ASKAOSCDN KAOS redes IP
20 - AS16625 17363 1.1% 510.7 -- AKAMAI-ASN1 Akamai Technologies European AS
TOP 20 Unstable Prefixes
Rank Prefix Upds % Origin AS -- AS Name
1 - 206.80.93.0/24 14507 0.8% AS16916 -- NETLOGIC-WEST - INFINIPLEX LLC DBA NETLOGIC
2 - 202.92.235.0/24 14167 0.8% AS9498 -- BBIL-AP BHARTI Airtel Ltd.
3 - 130.36.34.0/24 12585 0.7% AS32528 -- ABBOTT Abbot Labs
4 - 130.36.35.0/24 12585 0.7% AS32528 -- ABBOTT Abbot Labs
5 - 66.248.96.0/21 10820 0.6% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc.
6 - 66.248.120.0/21 10746 0.6% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc.
7 - 66.248.104.0/21 9888 0.6% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc.
8 - 63.174.153.0/24 8466 0.5% AS19201 -- ETC - Eastex Telephone Cooperative, Inc.
9 - 63.174.152.0/24 8458 0.5% AS19201 -- ETC - Eastex Telephone Cooperative, Inc.
10 - 213.16.48.0/24 6131 0.3% AS8866 -- BTC-AS Bulgarian Telecommunication Company Plc.
11 - 180.180.255.0/24 4675 0.3% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
12 - 180.180.249.0/24 4033 0.2% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
13 - 180.180.253.0/24 3930 0.2% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
14 - 180.180.248.0/24 3850 0.2% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
15 - 180.180.250.0/24 3845 0.2% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
16 - 206.228.173.0/24 3684 0.2% AS19201 -- ETC - Eastex Telephone Cooperative, Inc.
17 - 63.174.148.0/24 3683 0.2% AS19201 -- ETC - Eastex Telephone Cooperative, Inc.
18 - 202.153.174.0/24 3476 0.2% AS17408 -- ABOVE-AS-AP AboveNet Communications Taiwan
19 - 95.100.128.0/20 3180 0.2% AS16625 -- AKAMAI-ASN1 Akamai Technologies European AS
20 - 95.100.144.0/20 3173 0.2% AS16625 -- AKAMAI-ASN1 Akamai Technologies European AS
Details at http://bgpupdates.potaroo.net
------------------------------------
Copies of this report are mailed to:
nanog(a)nanog.org
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
CaribNOG and the RIPE Routing Working Group.
Daily listings are sent to bgp-stats(a)lists.apnic.net
For historical data, please see http://thyme.rand.apnic.net.
If you have any comments please contact Philip Smith <pfsinoz(a)gmail.com>.
Routing Table Report 04:00 +10GMT Sat 08 Oct, 2011
Report Website: http://thyme.rand.apnic.net
Detailed Analysis: http://thyme.rand.apnic.net/current/
Analysis Summary
----------------
BGP routing table entries examined: 376147
Prefixes after maximum aggregation: 169003
Deaggregation factor: 2.23
Unique aggregates announced to Internet: 185518
Total ASes present in the Internet Routing Table: 38980
Prefixes per ASN: 9.65
Origin-only ASes present in the Internet Routing Table: 32290
Origin ASes announcing only one prefix: 15494
Transit ASes present in the Internet Routing Table: 5213
Transit-only ASes present in the Internet Routing Table: 134
Average AS path length visible in the Internet Routing Table: 4.4
Max AS path length visible: 33
Max AS path prepend of ASN (48687) 24
Prefixes from unregistered ASNs in the Routing Table: 1658
Unregistered ASNs in the Routing Table: 841
Number of 32-bit ASNs allocated by the RIRs: 1832
Number of 32-bit ASNs visible in the Routing Table: 1477
Prefixes from 32-bit ASNs in the Routing Table: 3383
Special use prefixes present in the Routing Table: 12
Prefixes being announced from unallocated address space: 95
Number of addresses announced to Internet: 2483550208
Equivalent to 148 /8s, 7 /16s and 248 /24s
Percentage of available address space announced: 67.0
Percentage of allocated address space announced: 67.0
Percentage of available address space allocated: 100.0
Percentage of address space in use by end-sites: 91.5
Total number of prefixes smaller than registry allocations: 157509
APNIC Region Analysis Summary
-----------------------------
Prefixes being announced by APNIC Region ASes: 94479
Total APNIC prefixes after maximum aggregation: 30812
APNIC Deaggregation factor: 3.07
Prefixes being announced from the APNIC address blocks: 90937
Unique aggregates announced from the APNIC address blocks: 38010
APNIC Region origin ASes present in the Internet Routing Table: 4569
APNIC Prefixes per ASN: 19.90
APNIC Region origin ASes announcing only one prefix: 1249
APNIC Region transit ASes present in the Internet Routing Table: 702
Average APNIC Region AS path length visible: 4.5
Max APNIC Region AS path length visible: 19
Number of APNIC region 32-bit ASNs visible in the Routing Table: 90
Number of APNIC addresses announced to Internet: 628447584
Equivalent to 37 /8s, 117 /16s and 89 /24s
Percentage of available APNIC address space announced: 79.7
APNIC AS Blocks 4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079, 55296-56319,
58368-59391, 131072-132095, 132096-133119
APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8,
49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8,
106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8,
116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8,
123/8, 124/8, 125/8, 126/8, 133/8, 175/8, 180/8,
182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8,
219/8, 220/8, 221/8, 222/8, 223/8,
ARIN Region Analysis Summary
----------------------------
Prefixes being announced by ARIN Region ASes: 144302
Total ARIN prefixes after maximum aggregation: 74084
ARIN Deaggregation factor: 1.95
Prefixes being announced from the ARIN address blocks: 116427
Unique aggregates announced from the ARIN address blocks: 48007
ARIN Region origin ASes present in the Internet Routing Table: 14715
ARIN Prefixes per ASN: 7.91
ARIN Region origin ASes announcing only one prefix: 5670
ARIN Region transit ASes present in the Internet Routing Table: 1556
Average ARIN Region AS path length visible: 4.0
Max ARIN Region AS path length visible: 25
Number of ARIN region 32-bit ASNs visible in the Routing Table: 12
Number of ARIN addresses announced to Internet: 805354752
Equivalent to 48 /8s, 0 /16s and 189 /24s
Percentage of available ARIN address space announced: 64.0
ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106
(pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153
3354-4607, 4865-5119, 5632-6655, 6912-7466
7723-8191, 10240-12287, 13312-15359, 16384-17407
18432-20479, 21504-23551, 25600-26591,
26624-27647, 29696-30719, 31744-33791
35840-36863, 39936-40959, 46080-47103
53248-55295, 393216-394239
ARIN Address Blocks 3/8, 4/8, 6/8, 7/8, 8/8, 9/8, 11/8,
12/8, 13/8, 15/8, 16/8, 17/8, 18/8, 19/8,
20/8, 21/8, 22/8, 23/8, 24/8, 26/8, 28/8,
29/8, 30/8, 32/8, 33/8, 34/8, 35/8, 38/8,
40/8, 44/8, 45/8, 47/8, 48/8, 50/8, 52/8,
53/8, 54/8, 55/8, 56/8, 57/8, 63/8, 64/8,
65/8, 66/8, 67/8, 68/8, 69/8, 70/8, 71/8,
72/8, 73/8, 74/8, 75/8, 76/8, 96/8, 97/8,
98/8, 99/8, 100/8, 104/8, 107/8, 108/8, 173/8,
174/8, 184/8, 199/8, 204/8, 205/8, 206/8, 207/8,
208/8, 209/8, 214/8, 215/8, 216/8,
RIPE Region Analysis Summary
----------------------------
Prefixes being announced by RIPE Region ASes: 90213
Total RIPE prefixes after maximum aggregation: 50506
RIPE Deaggregation factor: 1.79
Prefixes being announced from the RIPE address blocks: 82867
Unique aggregates announced from the RIPE address blocks: 54222
RIPE Region origin ASes present in the Internet Routing Table: 16019
RIPE Prefixes per ASN: 5.17
RIPE Region origin ASes announcing only one prefix: 7969
RIPE Region transit ASes present in the Internet Routing Table: 2499
Average RIPE Region AS path length visible: 4.7
Max RIPE Region AS path length visible: 33
Number of RIPE region 32-bit ASNs visible in the Routing Table: 1043
Number of RIPE addresses announced to Internet: 490533248
Equivalent to 29 /8s, 60 /16s and 241 /24s
Percentage of available RIPE address space announced: 79.0
RIPE AS Blocks 1877-1901, 2043, 2047, 2107-2136, 2585-2614
(pre-ERX allocations) 2773-2822, 2830-2879, 3154-3353, 5377-5631
6656-6911, 8192-9215, 12288-13311, 15360-16383
20480-21503, 24576-25599, 28672-29695
30720-31743, 33792-35839, 38912-39935
40960-45055, 47104-52223, 56320-58367
196608-198655
RIPE Address Blocks 2/8, 5/8, 25/8, 31/8, 37/8, 46/8, 51/8,
62/8, 77/8, 78/8, 79/8, 80/8, 81/8, 82/8,
83/8, 84/8, 85/8, 86/8, 87/8, 88/8, 89/8,
90/8, 91/8, 92/8, 93/8, 94/8, 95/8, 109/8,
176/8, 178/8, 185/8, 193/8, 194/8, 195/8, 212/8,
213/8, 217/8,
LACNIC Region Analysis Summary
------------------------------
Prefixes being announced by LACNIC Region ASes: 35060
Total LACNIC prefixes after maximum aggregation: 7852
LACNIC Deaggregation factor: 4.47
Prefixes being announced from the LACNIC address blocks: 34492
Unique aggregates announced from the LACNIC address blocks: 18093
LACNIC Region origin ASes present in the Internet Routing Table: 1532
LACNIC Prefixes per ASN: 22.51
LACNIC Region origin ASes announcing only one prefix: 451
LACNIC Region transit ASes present in the Internet Routing Table: 280
Average LACNIC Region AS path length visible: 4.5
Max LACNIC Region AS path length visible: 19
Number of LACNIC region 32-bit ASNs visible in the Routing Table: 329
Number of LACNIC addresses announced to Internet: 90288768
Equivalent to 5 /8s, 97 /16s and 178 /24s
Percentage of available LACNIC address space announced: 59.8
LACNIC AS Blocks 26592-26623, 27648-28671, 52224-53247,
262144-263167 plus ERX transfers
LACNIC Address Blocks 177/8, 179/8, 181/8, 186/8, 187/8, 189/8, 190/8,
200/8, 201/8,
AfriNIC Region Analysis Summary
-------------------------------
Prefixes being announced by AfriNIC Region ASes: 8536
Total AfriNIC prefixes after maximum aggregation: 2003
AfriNIC Deaggregation factor: 4.26
Prefixes being announced from the AfriNIC address blocks: 6622
Unique aggregates announced from the AfriNIC address blocks: 1978
AfriNIC Region origin ASes present in the Internet Routing Table: 487
AfriNIC Prefixes per ASN: 13.60
AfriNIC Region origin ASes announcing only one prefix: 155
AfriNIC Region transit ASes present in the Internet Routing Table: 104
Average AfriNIC Region AS path length visible: 4.6
Max AfriNIC Region AS path length visible: 25
Number of AfriNIC region 32-bit ASNs visible in the Routing Table: 3
Number of AfriNIC addresses announced to Internet: 27800320
Equivalent to 1 /8s, 168 /16s and 51 /24s
Percentage of available AfriNIC address space announced: 41.4
AfriNIC AS Blocks 36864-37887, 327680-328703 & ERX transfers
AfriNIC Address Blocks 41/8, 102/8, 105/8, 197/8,
APNIC Region per AS prefix count summary
----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
4766 2493 11047 956 Korea Telecom (KIX)
17974 1963 519 33 PT TELEKOMUNIKASI INDONESIA
7545 1607 303 84 TPG Internet Pty Ltd
4755 1543 638 176 TATA Communications formerly
7552 1394 1064 7 Vietel Corporation
24560 1180 345 206 Bharti Airtel Ltd., Telemedia
9829 1165 989 28 BSNL National Internet Backbo
9583 1087 80 503 Sify Limited
4808 1074 2096 303 CNCGROUP IP network: China169
18101 951 165 142 Reliance Infocom Ltd Internet
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-APNIC
ARIN Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
6389 3553 3817 222 bellsouth.net, inc.
18566 1915 366 239 Covad Communications
7029 1897 1016 196 Windstream Communications Inc
1785 1830 680 121 PaeTec Communications, Inc.
4323 1626 1083 392 Time Warner Telecom
20115 1593 1541 636 Charter Communications
22773 1458 2907 100 Cox Communications, Inc.
19262 1394 4728 400 Verizon Global Networks
30036 1385 250 676 Mediacom Communications Corp
7018 1337 7049 875 AT&T WorldNet Services
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-ARIN
RIPE Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
8402 1412 352 13 Corbina telecom
6830 635 1890 410 UPC Distribution Services
34984 578 108 180 BILISIM TELEKOM
20940 543 183 417 Akamai Technologies European
3320 503 8169 385 Deutsche Telekom AG
12479 481 593 7 Uni2 Autonomous System
3292 480 2082 407 TDC Tele Danmark
8866 460 133 26 Bulgarian Telecommunication C
29049 424 31 55 AzerSat LLC.
8551 404 354 44 Bezeq International
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-RIPE
LACNIC Region per AS prefix count summary
-----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
10620 1680 310 154 TVCABLE BOGOTA
8151 1411 2839 344 UniNet S.A. de C.V.
28573 1363 1013 79 NET Servicos de Comunicao S.A
7303 1163 683 175 Telecom Argentina Stet-France
14420 756 59 87 CORPORACION NACIONAL DE TELEC
22047 579 322 17 VTR PUNTO NET S.A.
6503 575 450 69 AVANTEL, S.A.
27947 575 71 83 Telconet S.A
3816 536 232 95 Empresa Nacional de Telecomun
11172 521 85 94 Servicios Alestra S.A de C.V
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-LACNIC
AfriNIC Region per AS prefix count summary
------------------------------------------
ASN No of nets /20 equiv MaxAgg Description
24863 814 146 36 LINKdotNET AS number
8452 723 445 11 TEDATA
15475 445 74 8 Nile Online
36992 298 415 19 Etisalat MISR
3741 278 938 230 The Internet Solution
15706 244 32 6 Sudatel Internet Exchange Aut
6713 242 519 14 Itissalat Al-MAGHRIB
12258 198 28 58 Vodacom Internet Company
33776 197 13 13 Starcomms Nigeria Limited
29571 192 17 11 Ci Telecom Autonomous system
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-AFRINIC
Global Per AS prefix count summary
----------------------------------
ASN No of nets /20 equiv MaxAgg Description
6389 3553 3817 222 bellsouth.net, inc.
4766 2493 11047 956 Korea Telecom (KIX)
17974 1963 519 33 PT TELEKOMUNIKASI INDONESIA
18566 1915 366 239 Covad Communications
7029 1897 1016 196 Windstream Communications Inc
1785 1830 680 121 PaeTec Communications, Inc.
10620 1680 310 154 TVCABLE BOGOTA
4323 1626 1083 392 Time Warner Telecom
7545 1607 303 84 TPG Internet Pty Ltd
20115 1593 1541 636 Charter Communications
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet
Global Per AS Maximum Aggr summary
----------------------------------
ASN No of nets Net Savings Description
17974 1963 1930 PT TELEKOMUNIKASI INDONESIA
1785 1830 1709 PaeTec Communications, Inc.
7029 1897 1701 Windstream Communications Inc
18566 1915 1676 Covad Communications
4766 2493 1537 Korea Telecom (KIX)
10620 1680 1526 TVCABLE BOGOTA
7545 1607 1523 TPG Internet Pty Ltd
8402 1412 1399 Corbina telecom
7552 1394 1387 Vietel Corporation
4755 1543 1367 TATA Communications formerly
Complete listing at http://thyme.rand.apnic.net/current/data-CIDRnet
List of Unregistered Origin ASNs (Global)
-----------------------------------------
Bad AS Designation Network Transit AS Description
15132 UNALLOCATED 12.9.150.0/24 7018 AT&T WorldNet Servic
32567 UNALLOCATED 12.14.170.0/24 4323 Time Warner Telecom
32567 UNALLOCATED 12.25.107.0/24 4323 Time Warner Telecom
25639 UNALLOCATED 12.41.169.0/24 7018 AT&T WorldNet Servic
13317 UNALLOCATED 12.44.10.0/24 7018 AT&T WorldNet Servic
23502 UNALLOCATED 12.44.44.0/24 7018 AT&T WorldNet Servic
17300 UNALLOCATED 12.45.103.0/24 7018 AT&T WorldNet Servic
17300 UNALLOCATED 12.45.110.0/24 701 UUNET Technologies,
16476 UNALLOCATED 12.46.27.0/24 7018 AT&T WorldNet Servic
32873 UNALLOCATED 12.46.100.0/23 10912 InterNAP Network Ser
Complete listing at http://thyme.rand.apnic.net/current/data-badAS
Prefixes from private and non-routed address space (Global)
-----------------------------------------------------------
Prefix Origin AS Description
128.0.8.0/22 47926 Lutsche.net Ltd
128.0.12.0/22 47926 Lutsche.net Ltd
128.0.80.0/24 30977 JSC "Yugra-Telecom"
128.0.81.0/24 30977 JSC "Yugra-Telecom"
128.0.82.0/24 30977 JSC "Yugra-Telecom"
128.0.83.0/24 30977 JSC "Yugra-Telecom"
128.0.84.0/24 30977 JSC "Yugra-Telecom"
128.0.85.0/24 30977 JSC "Yugra-Telecom"
128.0.86.0/24 30977 JSC "Yugra-Telecom"
128.0.87.0/24 30977 JSC "Yugra-Telecom"
Complete listing at http://thyme.rand.apnic.net/current/data-dsua
Advertised Unallocated Addresses
--------------------------------
Network Origin AS Description
24.225.128.0/18 36377 Comcast Telecommunications, I
24.225.192.0/23 36377 Comcast Telecommunications, I
24.225.192.0/18 36377 Comcast Telecommunications, I
24.225.224.0/21 36377 Comcast Telecommunications, I
24.225.237.0/24 36377 Comcast Telecommunications, I
24.225.248.0/21 36377 Comcast Telecommunications, I
41.222.79.0/24 36938 >>UNKNOWN<<
41.223.92.0/22 36936 >>UNKNOWN<<
62.61.220.0/24 24974 Tachyon Europe BV - Wireless
62.61.221.0/24 24974 Tachyon Europe BV - Wireless
Complete listing at http://thyme.rand.apnic.net/current/data-add-IANA
Number of prefixes announced per prefix length (Global)
-------------------------------------------------------
/1:0 /2:0 /3:0 /4:0 /5:0 /6:0
/7:0 /8:19 /9:12 /10:27 /11:82 /12:235
/13:464 /14:806 /15:1422 /16:12001 /17:5999 /18:10038
/19:19859 /20:27183 /21:27239 /22:36807 /23:34975 /24:195647
/25:1112 /26:1319 /27:725 /28:167 /29:4 /30:0
/31:0 /32:5
Advertised prefixes smaller than registry allocations
-----------------------------------------------------
ASN No of nets Total ann. Description
6389 2190 3553 bellsouth.net, inc.
18566 1871 1915 Covad Communications
7029 1589 1897 Windstream Communications Inc
10620 1575 1680 TVCABLE BOGOTA
8402 1389 1412 Corbina telecom
30036 1347 1385 Mediacom Communications Corp
11492 1115 1153 Cable One
1785 1055 1830 PaeTec Communications, Inc.
7011 1048 1167 Citizens Utilities
22773 947 1458 Cox Communications, Inc.
Complete listing at http://thyme.rand.apnic.net/current/data-sXXas-nos
Number of /24s announced per /8 block (Global)
----------------------------------------------
1:386 2:473 4:15 5:1 6:3 8:356
12:1951 13:1 14:533 15:11 16:3 17:7
20:10 23:54 24:1691 27:965 31:582 32:65
33:4 34:2 36:4 38:751 40:108 41:2639
42:48 44:3 46:998 47:3 49:264 50:436
52:13 55:5 56:2 57:37 58:882 59:491
60:365 61:1176 62:1088 63:1933 64:4047 65:2303
66:4014 67:1962 68:1106 69:3196 70:836 71:378
72:1849 74:2488 75:364 76:341 77:884 78:868
79:478 80:1128 81:840 82:497 83:504 84:624
85:1118 86:405 87:873 88:353 89:1601 90:269
91:4158 92:528 93:1374 94:1306 95:1028 96:437
97:280 98:899 99:37 101:210 103:342 106:70
107:61 108:54 109:1041 110:668 111:795 112:322
113:482 114:573 115:697 116:874 117:712 118:893
119:1232 120:338 121:692 122:1606 123:1020 124:1365
125:1381 128:253 129:175 130:166 131:584 132:112
133:21 134:214 135:54 136:213 137:139 138:288
139:125 140:496 141:292 142:387 143:420 144:493
145:63 146:472 147:215 148:636 149:266 150:151
151:193 152:447 153:179 154:7 155:386 156:207
157:329 158:151 159:467 160:320 161:206 162:337
163:179 164:513 165:367 166:537 167:434 168:744
169:145 170:864 171:86 172:1 173:1671 174:658
175:408 176:266 177:287 178:1053 180:1103 181:37
182:630 183:210 184:368 185:1 186:1513 187:670
188:928 189:858 190:5193 192:5911 193:5021 194:3528
195:3105 196:1241 197:186 198:3623 199:4142 200:5517
201:1646 202:8575 203:8489 204:4295 205:2364 206:2675
207:2822 208:4036 209:3452 210:2691 211:1457 212:2061
213:1779 214:793 215:90 216:4919 217:1601 218:560
219:339 220:1241 221:513 222:342 223:285
End of report
1
0
Dear colleagues,
Geoff Huston has been monitoring the global routing system for many
years. Read on RIPE Labs about his most recent observations:
http://labs.ripe.net/Members/gih/routing-2011
Kind Regards,
Mirjam
1
1
BGP Update Report
Interval: 22-Sep-11 -to- 29-Sep-11 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS9829 44536 2.8% 61.9 -- BSNL-NIB National Internet Backbone
2 - AS5800 36718 2.3% 180.9 -- DNIC-ASBLK-05800-06055 - DoD Network Information Center
3 - AS38040 29537 1.9% 2109.8 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
4 - AS6316 29336 1.9% 1466.8 -- AS-PAETEC-NET - PaeTec Communications, Inc.
5 - AS32528 23323 1.5% 7774.3 -- ABBOTT Abbot Labs
6 - AS9246 21941 1.4% 2742.6 -- GTA-AP Teleguam Holdings, LLC
7 - AS9498 20692 1.3% 25.0 -- BBIL-AP BHARTI Airtel Ltd.
8 - AS16916 16874 1.1% 3374.8 -- NETLOGIC-WEST - INFINIPLEX LLC DBA NETLOGIC
9 - AS16010 15785 1.0% 129.4 -- RUSTAVI2ONLINEAS Caucasus Online LLC
10 - AS50975 14852 0.9% 7426.0 -- AVX_AS AVX Czech republic s.r.o
11 - AS8866 14004 0.9% 30.0 -- BTC-AS Bulgarian Telecommunication Company Plc.
12 - AS9475 13406 0.8% 957.6 -- WU-TH-AP Walailuk University
13 - AS17974 13239 0.8% 8.7 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
14 - AS8402 12985 0.8% 12.8 -- CORBINA-AS OJSC "Vimpelcom"
15 - AS8151 12023 0.8% 12.3 -- Uninet S.A. de C.V.
16 - AS7552 11853 0.8% 8.5 -- VIETEL-AS-AP Vietel Corporation
17 - AS9808 11389 0.7% 17.1 -- CMNET-GD Guangdong Mobile Communication Co.Ltd.
18 - AS9562 9980 0.6% 2495.0 -- MSU-TH-AP Mahasarakham University
19 - AS9649 9765 0.6% 184.2 -- MOPH-TH-AP Information Technology Office
20 - AS22793 9582 0.6% 9582.0 -- CASSOCORP - CASSO Corporation
TOP 20 Unstable Origin AS (Updates per announced prefix)
Rank ASN Upds % Upds/Pfx AS-Name
1 - AS22793 9582 0.6% 9582.0 -- CASSOCORP - CASSO Corporation
2 - AS32528 23323 1.5% 7774.3 -- ABBOTT Abbot Labs
3 - AS50975 14852 0.9% 7426.0 -- AVX_AS AVX Czech republic s.r.o
4 - AS8499 4650 0.3% 4650.0 -- Space Hellas S.A.
5 - AS16916 16874 1.1% 3374.8 -- NETLOGIC-WEST - INFINIPLEX LLC DBA NETLOGIC
6 - AS9246 21941 1.4% 2742.6 -- GTA-AP Teleguam Holdings, LLC
7 - AS9562 9980 0.6% 2495.0 -- MSU-TH-AP Mahasarakham University
8 - AS3976 2391 0.1% 2391.0 -- ERX-NURI-ASN I.Net Technologies Inc.
9 - AS38040 29537 1.9% 2109.8 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
10 - AS20098 2067 0.1% 2067.0 -- BCBS-AL - Blue Cross Blue Shield of Alabama
11 - AS8011 3426 0.2% 1713.0 -- AS8011 - CoreComm Internet Services Inc
12 - AS6316 29336 1.9% 1466.8 -- AS-PAETEC-NET - PaeTec Communications, Inc.
13 - AS17425 7550 0.5% 1258.3 -- EPA-AS-TH Provincial Electricity Authority of Thailand.
14 - AS44025 1218 0.1% 1218.0 -- KAMTELEKOM-NET Kamtelekom Ltd.
15 - AS17408 3304 0.2% 1101.3 -- ABOVE-AS-AP AboveNet Communications Taiwan
16 - AS9475 13406 0.8% 957.6 -- WU-TH-AP Walailuk University
17 - AS56772 920 0.1% 920.0 -- UFMOLDOVA-AS I.C.S. "RED UNION FENOSA" S.A.
18 - AS3 1787 0.1% 288.0 -- CICA Centro Informatico Cientifico de Andalucia
19 - AS3 593 0.0% 597.0 -- CICA Centro Informatico Cientifico de Andalucia
20 - AS38543 2260 0.1% 565.0 -- IBM-TH-AS-AP IBM THAILAND NETWORK
TOP 20 Unstable Prefixes
Rank Prefix Upds % Origin AS -- AS Name
1 - 206.80.93.0/24 16867 1.0% AS16916 -- NETLOGIC-WEST - INFINIPLEX LLC DBA NETLOGIC
2 - 202.92.235.0/24 14393 0.8% AS9498 -- BBIL-AP BHARTI Airtel Ltd.
3 - 213.16.48.0/24 11975 0.7% AS8866 -- BTC-AS Bulgarian Telecommunication Company Plc.
4 - 130.36.34.0/24 11657 0.7% AS32528 -- ABBOTT Abbot Labs
5 - 130.36.35.0/24 11657 0.7% AS32528 -- ABBOTT Abbot Labs
6 - 66.248.120.0/21 10574 0.6% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc.
7 - 66.248.96.0/21 9639 0.6% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc.
8 - 207.53.145.0/24 9582 0.6% AS22793 -- CASSOCORP - CASSO Corporation
9 - 66.248.104.0/21 9064 0.5% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc.
10 - 109.75.0.0/21 8228 0.5% AS50975 -- AVX_AS AVX Czech republic s.r.o
11 - 109.75.8.0/23 6624 0.4% AS50975 -- AVX_AS AVX Czech republic s.r.o
12 - 180.180.253.0/24 5869 0.3% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
13 - 180.180.250.0/24 5826 0.3% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
14 - 180.180.248.0/24 5825 0.3% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
15 - 145.36.122.0/24 5630 0.3% AS7046 -- RFC2270-UUNET-CUSTOMER - MCI Communications Services, Inc. d/b/a Verizon Business
16 - 180.180.249.0/24 4962 0.3% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
17 - 202.41.70.0/24 4828 0.3% AS2697 -- ERX-ERNET-AS Education and Research Network
18 - 195.190.32.0/19 4650 0.3% AS8499 -- Space Hellas S.A.
19 - 180.180.255.0/24 4417 0.3% AS38040 -- GLOBAL-TRANSIT-TOT-IIG-TH TOT Public Company Limited
20 - 200.23.202.0/24 3766 0.2% AS3454 -- Universidad Autonoma de Nuevo Leon
Details at http://bgpupdates.potaroo.net
------------------------------------
Copies of this report are mailed to:
nanog(a)nanog.org
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
This report has been generated at Fri Sep 30 21:12:35 2011 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date Prefixes CIDR Agg
23-09-11 377111 221388
24-09-11 377558 221596
25-09-11 377652 221708
26-09-11 377754 222001
27-09-11 377784 221985
28-09-11 378019 221838
29-09-11 378145 221391
30-09-11 377480 221774
AS Summary
39016 Number of ASes in routing system
16481 Number of ASes announcing only one prefix
3556 Largest number of prefixes announced by an AS
AS6389 : BELLSOUTH-NET-BLK - BellSouth.net Inc.
108295136 Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 30Sep11 ---
ASnum NetsNow NetsAggr NetGain % Gain Description
Table 377614 221830 155784 41.3% All ASes
AS6389 3556 228 3328 93.6% BELLSOUTH-NET-BLK -
BellSouth.net Inc.
AS18566 1915 380 1535 80.2% COVAD - Covad Communications
Co.
AS4766 2509 979 1530 61.0% KIXS-AS-KR Korea Telecom
AS22773 1457 110 1347 92.5% ASN-CXA-ALL-CCI-22773-RDC -
Cox Communications Inc.
AS4755 1543 231 1312 85.0% TATACOMM-AS TATA
Communications formerly VSNL
is Leading ISP
AS4323 1629 394 1235 75.8% TWTC - tw telecom holdings,
inc.
AS28573 1368 319 1049 76.7% NET Servicos de Comunicao S.A.
AS1785 1832 784 1048 57.2% AS-PAETEC-NET - PaeTec
Communications, Inc.
AS19262 1395 401 994 71.3% VZGNI-TRANSIT - Verizon Online
LLC
AS7552 1392 430 962 69.1% VIETEL-AS-AP Vietel
Corporation
AS7303 1164 321 843 72.4% Telecom Argentina S.A.
AS10620 1681 843 838 49.9% Telmex Colombia S.A.
AS18101 954 155 799 83.8% RELIANCE-COMMUNICATIONS-IN
Reliance Communications
Ltd.DAKC MUMBAI
AS24560 1173 391 782 66.7% AIRTELBROADBAND-AS-AP Bharti
Airtel Ltd., Telemedia
Services
AS8151 1415 649 766 54.1% Uninet S.A. de C.V.
AS4808 1074 335 739 68.8% CHINA169-BJ CNCGROUP IP
network China169 Beijing
Province Network
AS30036 1390 671 719 51.7% MEDIACOM-ENTERPRISE-BUSINESS -
Mediacom Communications Corp
AS7545 1607 895 712 44.3% TPG-INTERNET-AP TPG Internet
Pty Ltd
AS3356 1104 450 654 59.2% LEVEL3 Level 3 Communications
AS14420 742 91 651 87.7% CORPORACION NACIONAL DE
TELECOMUNICACIONES - CNT EP
AS3549 1055 448 607 57.5% GBLX Global Crossing Ltd.
AS20115 1595 988 607 38.1% CHARTER-NET-HKY-NC - Charter
Communications
AS22561 967 363 604 62.5% DIGITAL-TELEPORT - Digital
Teleport Inc.
AS17676 673 70 603 89.6% GIGAINFRA Softbank BB Corp.
AS4804 677 89 588 86.9% MPX-AS Microplex PTY LTD
AS17974 1983 1414 569 28.7% TELKOMNET-AS2-AP PT
Telekomunikasi Indonesia
AS22047 581 28 553 95.2% VTR BANDA ANCHA S.A.
AS8402 1186 637 549 46.3% CORBINA-AS OJSC "Vimpelcom"
AS7011 1173 647 526 44.8% FRONTIER-AND-CITIZENS -
Frontier Communications of
America, Inc.
AS17488 908 390 518 57.0% HATHWAY-NET-AP Hathway IP Over
Cable Internet
Total 41698 14131 27567 66.1% Top 30 total
Possible Bogus Routes
5.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
5.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
5.1.24.0/24 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
10.86.64.32/30 AS65530 -Private Use AS-
10.86.64.36/30 AS65530 -Private Use AS-
10.86.65.32/30 AS65530 -Private Use AS-
10.86.65.36/30 AS65530 -Private Use AS-
10.255.255.0/30 AS65530 -Private Use AS-
10.255.255.4/30 AS65530 -Private Use AS-
10.255.255.8/30 AS65530 -Private Use AS-
41.222.79.0/24 AS36938 AMSCOTELECOMS Amsco Telecommunications Nigeria Limited
41.223.92.0/22 AS36936 CELTEL-GABON Celtel Gabon Internet Service
62.61.220.0/24 AS24974 TACHYON-EU Tachyon Europe BV
62.61.221.0/24 AS24974 TACHYON-EU Tachyon Europe BV
64.21.192.0/20 AS11610 INETNEBR-1 - Internet Nebraska Corporation
64.21.212.0/22 AS11610 INETNEBR-1 - Internet Nebraska Corporation
64.21.216.0/21 AS11610 INETNEBR-1 - Internet Nebraska Corporation
66.171.32.0/20 AS705 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
66.180.239.0/24 AS35888 VIGNETTE - VIGNETTE CORPORATION
66.206.47.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
66.207.32.0/20 AS23011
66.245.176.0/20 AS19318 NJIIX-AS-1 - NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC
69.6.80.0/24 AS13442
71.19.134.0/23 AS3313 INET-AS BT Italia S.p.A.
80.88.10.0/24 AS33774 DJAWEB
89.145.168.0/21 AS3257 TINET-BACKBONE Tinet SpA
110.34.44.0/22 AS12653 COMTONET KB Impuls Hellas
116.206.72.0/24 AS6461 MFNX MFN - Metromedia Fiber Network
116.206.85.0/24 AS6461 MFNX MFN - Metromedia Fiber Network
116.206.103.0/24 AS6461 MFNX MFN - Metromedia Fiber Network
117.120.56.0/21 AS4755 TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
121.46.0.0/16 AS4134 CHINANET-BACKBONE No.31,Jin-rong Street
142.54.0.0/19 AS23498 CDSI - Cogeco Data Services Inc.
172.102.0.0/22 AS4812 CHINANET-SH-AP China Telecom (Group)
185.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
185.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
185.24.0.0/24 AS12654 RIPE-NCC-RIS-AS RIPE Network Coordination Center
188.32.0.0/16 AS42610 NCNET-AS National Cable Networks
190.102.32.0/20 AS30058 FDCSERVERS - FDCservers.net
190.104.32.0/21 AS27882 Telefónica Celular de Bolivia S.A.
193.111.87.0/24 AS24812
200.6.93.0/24 AS6400 Compañía Dominicana de Teléfonos, C. por A. - CODETEL
200.6.94.0/24 AS6400 Compañía Dominicana de Teléfonos, C. por A. - CODETEL
200.6.95.0/24 AS6400 Compañía Dominicana de Teléfonos, C. por A. - CODETEL
200.23.84.0/24 AS8151 Uninet S.A. de C.V.
200.24.73.0/24 AS26061 Equant Colombia
200.24.78.0/26 AS3549 GBLX Global Crossing Ltd.
200.24.78.64/26 AS3549 GBLX Global Crossing Ltd.
200.33.40.0/24 AS11172 Alestra, S. de R.L. de C.V.
200.34.0.0/20 AS6342 Instituto Tecnológico y de Estudios Superiores de Monterrey
200.53.0.0/19 AS13878 Diveo do Brasil Telecomunicacoes Ltda
202.1.224.0/24 AS10097 FLOWCOM Flow Communications 2/541 Kent St Sydney NSW 2000
202.9.55.0/24 AS2764 AAPT AAPT Limited
202.9.57.0/24 AS2764 AAPT AAPT Limited
202.58.113.0/24 AS19161
202.61.75.0/24 AS9927 PHILCOMNET-PH A Multihomed ISP Company
202.74.232.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.74.233.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.83.120.0/21 AS37972
202.83.124.0/24 AS37972
202.83.125.0/24 AS37972
202.83.126.0/24 AS37972
202.94.1.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
202.133.70.0/24 AS38616 WORLDCALL-AS-KHI Worldcall Telecom Limited
202.160.152.0/22 AS10113 DATAFAST-AP DATAFAST TELECOMMUNICATIONS LTD
202.174.125.0/24 AS9498 BBIL-AP BHARTI Airtel Ltd.
202.176.1.0/24 AS9942 COMINDICO-AP SOUL Converged Communications Australia
202.179.131.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
202.179.134.0/24 AS23966 LDN-AS-PK LINKdotNET Telecom Limited
202.179.144.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited
203.23.1.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.24.38.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.30.127.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.86.0/23 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.86.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.87.0/24 AS18111 NETSPEED-AS-AP Netspeed Internet Communications
203.32.188.0/24 AS1221 ASN-TELSTRA Telstra Pty Ltd
203.142.219.0/24 AS45149
203.175.107.0/24 AS45595 PKTELECOM-AS-PK Pakistan Telecom Company Limited
205.150.0.0/15 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
205.175.214.0/24 AS5583 ORANGE-BUSINESS-SERVICES-BENELUX Orange Business Services (formerly Equant) AS for BENELUX
205.207.148.0/23 AS812 ROGERS-CABLE - Rogers Cable Communications Inc.
206.72.192.0/23 AS16526 BIRCH-TELECOM - Birch Telecom, Inc.
206.72.194.0/23 AS16526 BIRCH-TELECOM - Birch Telecom, Inc.
206.123.129.0/24 AS10790 INREACH-AS - InReach Internet
206.180.240.0/20 AS12083 KNOLOGY-NET - Knology Holdings
206.197.184.0/24 AS23304 DATOTEL-STL-AS - Datotel LLC, a NetLabs LLC Company
207.174.131.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.132.0/23 AS26116 INDRA - Indra's Net Inc.
207.174.152.0/23 AS26116 INDRA - Indra's Net Inc.
207.174.154.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.155.0/24 AS26116 INDRA - Indra's Net Inc.
207.174.200.0/24 AS22658 EARTHNET - Earthnet, Inc.
207.174.248.0/21 AS6653 PRIVATEI - privateI, LLC
207.231.96.0/19 AS11194 NUNETPA - NuNet Inc.
208.64.240.0/21 AS13871 TELEBYTE-NW - Telebyte NW
208.83.53.0/24 AS40569 YGOMI-AS - Ygomi LLC
209.148.64.0/19 AS13773 TELNETCOMM - Telnet Communications
209.177.64.0/20 AS6461 MFNX MFN - Metromedia Fiber Network
209.213.0.0/20 AS33005 ELTOPIA - Eltopia.com, LLC
210.56.150.0/23 AS38138 INTECH-TRANSIT-BD InTech Online Limited, INTERNET SERVICE LIMITED
216.21.160.0/20 AS13818 PHX-INTL-TELEPORT - Phoenix International Teleport
216.58.200.0/24 AS18530 ISOMEDIA-1 - Isomedia Inc.
216.194.160.0/20 AS13818 PHX-INTL-TELEPORT - Phoenix International Teleport
223.130.17.0/24 AS45500 BGEPTYLTD-AS-AP BG&E Pty Limited
Please see http://www.cidr-report.org for the full report
------------------------------------
Copies of this report are mailed to:
nanog(a)nanog.org
eof-list(a)ripe.net
apops(a)apops.net
routing-wg(a)ripe.net
afnog(a)afnog.org
1
0
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
CaribNOG and the RIPE Routing Working Group.
Daily listings are sent to bgp-stats(a)lists.apnic.net
For historical data, please see http://thyme.rand.apnic.net.
If you have any comments please contact Philip Smith <pfsinoz(a)gmail.com>.
Routing Table Report 04:00 +10GMT Sat 01 Oct, 2011
Report Website: http://thyme.rand.apnic.net
Detailed Analysis: http://thyme.rand.apnic.net/current/
Analysis Summary
----------------
BGP routing table entries examined: 374848
Prefixes after maximum aggregation: 168719
Deaggregation factor: 2.22
Unique aggregates announced to Internet: 185153
Total ASes present in the Internet Routing Table: 38930
Prefixes per ASN: 9.63
Origin-only ASes present in the Internet Routing Table: 32252
Origin ASes announcing only one prefix: 15477
Transit ASes present in the Internet Routing Table: 5218
Transit-only ASes present in the Internet Routing Table: 137
Average AS path length visible in the Internet Routing Table: 4.4
Max AS path length visible: 33
Max AS path prepend of ASN (48687) 24
Prefixes from unregistered ASNs in the Routing Table: 1474
Unregistered ASNs in the Routing Table: 802
Number of 32-bit ASNs allocated by the RIRs: 1802
Number of 32-bit ASNs visible in the Routing Table: 1460
Prefixes from 32-bit ASNs in the Routing Table: 3347
Special use prefixes present in the Routing Table: 0
Prefixes being announced from unallocated address space: 103
Number of addresses announced to Internet: 2481536768
Equivalent to 147 /8s, 233 /16s and 63 /24s
Percentage of available address space announced: 67.0
Percentage of allocated address space announced: 67.0
Percentage of available address space allocated: 100.0
Percentage of address space in use by end-sites: 91.4
Total number of prefixes smaller than registry allocations: 156962
APNIC Region Analysis Summary
-----------------------------
Prefixes being announced by APNIC Region ASes: 93945
Total APNIC prefixes after maximum aggregation: 30799
APNIC Deaggregation factor: 3.05
Prefixes being announced from the APNIC address blocks: 90409
Unique aggregates announced from the APNIC address blocks: 37945
APNIC Region origin ASes present in the Internet Routing Table: 4567
APNIC Prefixes per ASN: 19.80
APNIC Region origin ASes announcing only one prefix: 1260
APNIC Region transit ASes present in the Internet Routing Table: 707
Average APNIC Region AS path length visible: 4.5
Max APNIC Region AS path length visible: 19
Number of APNIC region 32-bit ASNs visible in the Routing Table: 90
Number of APNIC addresses announced to Internet: 628377696
Equivalent to 37 /8s, 116 /16s and 72 /24s
Percentage of available APNIC address space announced: 79.7
APNIC AS Blocks 4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079, 55296-56319,
58368-59391, 131072-132095, 132096-133119
APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8,
49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8,
106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8,
116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8,
123/8, 124/8, 125/8, 126/8, 133/8, 175/8, 180/8,
182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8,
219/8, 220/8, 221/8, 222/8, 223/8,
ARIN Region Analysis Summary
----------------------------
Prefixes being announced by ARIN Region ASes: 143988
Total ARIN prefixes after maximum aggregation: 73994
ARIN Deaggregation factor: 1.95
Prefixes being announced from the ARIN address blocks: 116124
Unique aggregates announced from the ARIN address blocks: 47994
ARIN Region origin ASes present in the Internet Routing Table: 14694
ARIN Prefixes per ASN: 7.90
ARIN Region origin ASes announcing only one prefix: 5653
ARIN Region transit ASes present in the Internet Routing Table: 1557
Average ARIN Region AS path length visible: 4.0
Max ARIN Region AS path length visible: 25
Number of ARIN region 32-bit ASNs visible in the Routing Table: 12
Number of ARIN addresses announced to Internet: 804495360
Equivalent to 47 /8s, 243 /16s and 160 /24s
Percentage of available ARIN address space announced: 63.9
ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106
(pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153
3354-4607, 4865-5119, 5632-6655, 6912-7466
7723-8191, 10240-12287, 13312-15359, 16384-17407
18432-20479, 21504-23551, 25600-26591,
26624-27647, 29696-30719, 31744-33791
35840-36863, 39936-40959, 46080-47103
53248-55295, 393216-394239
ARIN Address Blocks 3/8, 4/8, 6/8, 7/8, 8/8, 9/8, 11/8,
12/8, 13/8, 15/8, 16/8, 17/8, 18/8, 19/8,
20/8, 21/8, 22/8, 23/8, 24/8, 26/8, 28/8,
29/8, 30/8, 32/8, 33/8, 34/8, 35/8, 38/8,
40/8, 44/8, 45/8, 47/8, 48/8, 50/8, 52/8,
53/8, 54/8, 55/8, 56/8, 57/8, 63/8, 64/8,
65/8, 66/8, 67/8, 68/8, 69/8, 70/8, 71/8,
72/8, 73/8, 74/8, 75/8, 76/8, 96/8, 97/8,
98/8, 99/8, 100/8, 104/8, 107/8, 108/8, 173/8,
174/8, 184/8, 199/8, 204/8, 205/8, 206/8, 207/8,
208/8, 209/8, 214/8, 215/8, 216/8,
RIPE Region Analysis Summary
----------------------------
Prefixes being announced by RIPE Region ASes: 89839
Total RIPE prefixes after maximum aggregation: 50430
RIPE Deaggregation factor: 1.78
Prefixes being announced from the RIPE address blocks: 82551
Unique aggregates announced from the RIPE address blocks: 54098
RIPE Region origin ASes present in the Internet Routing Table: 16005
RIPE Prefixes per ASN: 5.16
RIPE Region origin ASes announcing only one prefix: 7962
RIPE Region transit ASes present in the Internet Routing Table: 2506
Average RIPE Region AS path length visible: 4.7
Max RIPE Region AS path length visible: 33
Number of RIPE region 32-bit ASNs visible in the Routing Table: 1032
Number of RIPE addresses announced to Internet: 490070912
Equivalent to 29 /8s, 53 /16s and 227 /24s
Percentage of available RIPE address space announced: 78.9
RIPE AS Blocks 1877-1901, 2043, 2047, 2107-2136, 2585-2614
(pre-ERX allocations) 2773-2822, 2830-2879, 3154-3353, 5377-5631
6656-6911, 8192-9215, 12288-13311, 15360-16383
20480-21503, 24576-25599, 28672-29695
30720-31743, 33792-35839, 38912-39935
40960-45055, 47104-52223, 56320-58367
196608-198655
RIPE Address Blocks 2/8, 5/8, 25/8, 31/8, 37/8, 46/8, 51/8,
62/8, 77/8, 78/8, 79/8, 80/8, 81/8, 82/8,
83/8, 84/8, 85/8, 86/8, 87/8, 88/8, 89/8,
90/8, 91/8, 92/8, 93/8, 94/8, 95/8, 109/8,
176/8, 178/8, 185/8, 193/8, 194/8, 195/8, 212/8,
213/8, 217/8,
LACNIC Region Analysis Summary
------------------------------
Prefixes being announced by LACNIC Region ASes: 35011
Total LACNIC prefixes after maximum aggregation: 7797
LACNIC Deaggregation factor: 4.49
Prefixes being announced from the LACNIC address blocks: 34336
Unique aggregates announced from the LACNIC address blocks: 18003
LACNIC Region origin ASes present in the Internet Routing Table: 1530
LACNIC Prefixes per ASN: 22.44
LACNIC Region origin ASes announcing only one prefix: 449
LACNIC Region transit ASes present in the Internet Routing Table: 279
Average LACNIC Region AS path length visible: 4.5
Max LACNIC Region AS path length visible: 19
Number of LACNIC region 32-bit ASNs visible in the Routing Table: 322
Number of LACNIC addresses announced to Internet: 89805184
Equivalent to 5 /8s, 90 /16s and 81 /24s
Percentage of available LACNIC address space announced: 59.5
LACNIC AS Blocks 26592-26623, 27648-28671, 52224-53247,
262144-263167 plus ERX transfers
LACNIC Address Blocks 177/8, 179/8, 181/8, 186/8, 187/8, 189/8, 190/8,
200/8, 201/8,
AfriNIC Region Analysis Summary
-------------------------------
Prefixes being announced by AfriNIC Region ASes: 8547
Total AfriNIC prefixes after maximum aggregation: 2002
AfriNIC Deaggregation factor: 4.27
Prefixes being announced from the AfriNIC address blocks: 6606
Unique aggregates announced from the AfriNIC address blocks: 1963
AfriNIC Region origin ASes present in the Internet Routing Table: 488
AfriNIC Prefixes per ASN: 13.54
AfriNIC Region origin ASes announcing only one prefix: 153
AfriNIC Region transit ASes present in the Internet Routing Table: 103
Average AfriNIC Region AS path length visible: 4.6
Max AfriNIC Region AS path length visible: 25
Number of AfriNIC region 32-bit ASNs visible in the Routing Table: 4
Number of AfriNIC addresses announced to Internet: 27644160
Equivalent to 1 /8s, 165 /16s and 209 /24s
Percentage of available AfriNIC address space announced: 41.2
AfriNIC AS Blocks 36864-37887, 327680-328703 & ERX transfers
AfriNIC Address Blocks 41/8, 102/8, 105/8, 197/8,
APNIC Region per AS prefix count summary
----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
4766 2509 11048 962 Korea Telecom (KIX)
17974 1986 519 33 PT TELEKOMUNIKASI INDONESIA
7545 1607 303 86 TPG Internet Pty Ltd
4755 1546 638 176 TATA Communications formerly
24560 1184 346 195 Bharti Airtel Ltd., Telemedia
9829 1158 989 28 BSNL National Internet Backbo
7552 1105 1064 7 Vietel Corporation
9583 1086 80 502 Sify Limited
4808 1074 2096 303 CNCGROUP IP network: China169
18101 952 165 142 Reliance Infocom Ltd Internet
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-APNIC
ARIN Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
6389 3557 3817 225 bellsouth.net, inc.
18566 1915 366 239 Covad Communications
1785 1829 680 124 PaeTec Communications, Inc.
7029 1720 1008 194 Windstream Communications Inc
4323 1625 1082 391 Time Warner Telecom
20115 1595 1542 635 Charter Communications
22773 1456 2907 100 Cox Communications, Inc.
19262 1395 4728 400 Verizon Global Networks
30036 1390 252 666 Mediacom Communications Corp
7018 1338 7051 874 AT&T WorldNet Services
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-ARIN
RIPE Region per AS prefix count summary
---------------------------------------
ASN No of nets /20 equiv MaxAgg Description
8402 1224 352 13 Corbina telecom
34984 577 108 180 BILISIM TELEKOM
6830 557 1873 333 UPC Distribution Services
20940 530 178 408 Akamai Technologies European
3320 501 8169 383 Deutsche Telekom AG
3292 479 2082 408 TDC Tele Danmark
12479 474 593 7 Uni2 Autonomous System
8866 459 133 26 Bulgarian Telecommunication C
29049 423 31 55 AzerSat LLC.
8551 404 354 44 Bezeq International
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-RIPE
LACNIC Region per AS prefix count summary
-----------------------------------------
ASN No of nets /20 equiv MaxAgg Description
10620 1681 310 155 TVCABLE BOGOTA
8151 1410 2823 344 UniNet S.A. de C.V.
28573 1368 1013 70 NET Servicos de Comunicao S.A
7303 1164 683 175 Telecom Argentina Stet-France
14420 742 58 87 CORPORACION NACIONAL DE TELEC
22047 581 322 17 VTR PUNTO NET S.A.
6503 577 450 69 AVANTEL, S.A.
27947 573 71 83 Telconet S.A
3816 536 232 98 Empresa Nacional de Telecomun
11172 521 85 93 Servicios Alestra S.A de C.V
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-LACNIC
AfriNIC Region per AS prefix count summary
------------------------------------------
ASN No of nets /20 equiv MaxAgg Description
24863 813 147 37 LINKdotNET AS number
8452 663 445 11 TEDATA
15475 449 74 8 Nile Online
36992 293 415 14 Etisalat MISR
3741 278 939 231 The Internet Solution
15706 244 32 6 Sudatel Internet Exchange Aut
6713 242 519 14 Itissalat Al-MAGHRIB
33776 239 13 8 Starcomms Nigeria Limited
12258 198 28 58 Vodacom Internet Company
29571 192 17 11 Ci Telecom Autonomous system
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet-AFRINIC
Global Per AS prefix count summary
----------------------------------
ASN No of nets /20 equiv MaxAgg Description
6389 3557 3817 225 bellsouth.net, inc.
4766 2509 11048 962 Korea Telecom (KIX)
17974 1986 519 33 PT TELEKOMUNIKASI INDONESIA
18566 1915 366 239 Covad Communications
1785 1829 680 124 PaeTec Communications, Inc.
7029 1720 1008 194 Windstream Communications Inc
10620 1681 310 155 TVCABLE BOGOTA
4323 1625 1082 391 Time Warner Telecom
7545 1607 303 86 TPG Internet Pty Ltd
20115 1595 1542 635 Charter Communications
Complete listing at http://thyme.rand.apnic.net/current/data-ASnet
Global Per AS Maximum Aggr summary
----------------------------------
ASN No of nets Net Savings Description
17974 1986 1953 PT TELEKOMUNIKASI INDONESIA
1785 1829 1705 PaeTec Communications, Inc.
18566 1915 1676 Covad Communications
4766 2509 1547 Korea Telecom (KIX)
7029 1720 1526 Windstream Communications Inc
10620 1681 1526 TVCABLE BOGOTA
7545 1607 1521 TPG Internet Pty Ltd
4755 1546 1370 TATA Communications formerly
22773 1456 1356 Cox Communications, Inc.
28573 1368 1298 NET Servicos de Comunicao S.A
Complete listing at http://thyme.rand.apnic.net/current/data-CIDRnet
List of Unregistered Origin ASNs (Global)
-----------------------------------------
Bad AS Designation Network Transit AS Description
15132 UNALLOCATED 12.9.150.0/24 7018 AT&T WorldNet Servic
32567 UNALLOCATED 12.14.170.0/24 4323 Time Warner Telecom
32567 UNALLOCATED 12.25.107.0/24 4323 Time Warner Telecom
26973 UNALLOCATED 12.39.152.0/24 7018 AT&T WorldNet Servic
26973 UNALLOCATED 12.39.154.0/23 7018 AT&T WorldNet Servic
26973 UNALLOCATED 12.39.155.0/24 7018 AT&T WorldNet Servic
26973 UNALLOCATED 12.39.159.0/24 7018 AT&T WorldNet Servic
25639 UNALLOCATED 12.41.169.0/24 7018 AT&T WorldNet Servic
13317 UNALLOCATED 12.44.10.0/24 7018 AT&T WorldNet Servic
23502 UNALLOCATED 12.44.44.0/24 7018 AT&T WorldNet Servic
Complete listing at http://thyme.rand.apnic.net/current/data-badAS
Advertised Unallocated Addresses
--------------------------------
Network Origin AS Description
24.225.128.0/18 36377 Comcast Telecommunications, I
24.225.192.0/23 36377 Comcast Telecommunications, I
24.225.192.0/18 36377 Comcast Telecommunications, I
24.225.224.0/21 36377 Comcast Telecommunications, I
24.225.237.0/24 36377 Comcast Telecommunications, I
24.225.248.0/21 36377 Comcast Telecommunications, I
41.222.79.0/24 36938 >>UNKNOWN<<
41.223.92.0/22 36936 >>UNKNOWN<<
62.61.220.0/24 24974 Tachyon Europe BV - Wireless
62.61.221.0/24 24974 Tachyon Europe BV - Wireless
Complete listing at http://thyme.rand.apnic.net/current/data-add-IANA
Number of prefixes announced per prefix length (Global)
-------------------------------------------------------
/1:0 /2:0 /3:0 /4:0 /5:0 /6:0
/7:0 /8:19 /9:12 /10:27 /11:81 /12:235
/13:463 /14:802 /15:1420 /16:11981 /17:5988 /18:10044
/19:19827 /20:26999 /21:27144 /22:36733 /23:34891 /24:194773
/25:1132 /26:1345 /27:752 /28:171 /29:4 /30:0
/31:0 /32:5
Advertised prefixes smaller than registry allocations
-----------------------------------------------------
ASN No of nets Total ann. Description
6389 2194 3557 bellsouth.net, inc.
18566 1870 1915 Covad Communications
10620 1576 1681 TVCABLE BOGOTA
7029 1417 1720 Windstream Communications Inc
30036 1351 1390 Mediacom Communications Corp
8402 1185 1224 Corbina telecom
11492 1115 1153 Cable One
1785 1054 1829 PaeTec Communications, Inc.
7011 1052 1173 Citizens Utilities
22773 945 1456 Cox Communications, Inc.
Complete listing at http://thyme.rand.apnic.net/current/data-sXXas-nos
Number of /24s announced per /8 block (Global)
----------------------------------------------
1:381 2:393 4:15 5:1 6:3 8:353
12:1956 13:1 14:532 15:13 16:3 17:7
20:10 23:36 24:1688 27:959 31:564 32:65
33:4 34:2 36:4 38:746 40:108 41:2639
42:48 44:3 46:993 47:3 49:263 50:432
52:13 55:3 56:2 57:38 58:879 59:492
60:365 61:1178 62:1089 63:1935 64:4052 65:2306
66:3979 67:1952 68:1102 69:3194 70:814 71:377
72:1849 74:2458 75:350 76:341 77:883 78:829
79:480 80:1122 81:835 82:503 83:501 84:622
85:1118 86:408 87:876 88:352 89:1591 90:268
91:4143 92:535 93:1339 94:1318 95:964 96:440
97:277 98:905 99:37 101:209 103:331 106:70
107:56 108:47 109:1034 110:663 111:796 112:322
113:449 114:569 115:681 116:870 117:689 118:866
119:1208 120:334 121:678 122:1605 123:1013 124:1353
125:1393 128:244 129:178 130:163 131:580 132:112
133:21 134:214 135:54 136:213 137:139 138:288
139:122 140:494 141:292 142:388 143:416 144:482
145:63 146:471 147:215 148:641 149:264 150:155
151:193 152:446 153:177 154:6 155:385 156:207
157:361 158:150 159:465 160:322 161:206 162:336
163:178 164:511 165:374 166:536 167:432 168:739
169:147 170:865 171:85 172:1 173:1641 174:648
175:417 176:246 177:291 178:1031 180:1090 181:37
182:627 183:215 184:355 185:1 186:1493 187:676
188:923 189:826 190:5177 192:5916 193:5011 194:3528
195:3078 196:1257 197:174 198:3626 199:4140 200:5520
201:1641 202:8580 203:8492 204:4258 205:2357 206:2676
207:2824 208:4041 209:3464 210:2696 211:1463 212:2044
213:1776 214:785 215:90 216:4897 217:1594 218:561
219:338 220:1227 221:514 222:342 223:263
End of report
1
0
[brian.e.carpenter@gmail.com: The apparent BGP4 square law relationships]
by David Kessens 28 Sep '11
by David Kessens 28 Sep '11
28 Sep '11
If you had not seen this one yet, are you perhaps interested in this one ?
(or perhaps routing wg). Brian might not be able to attend but he might be
able to get somebody else do the presentation and/or show up at the next
meeting after vienna.
I hope this helps,
David Kessens
---
----- Forwarded message from Brian E Carpenter <brian.e.carpenter(a)gmail.com> -----
Date: Wed, 14 Sep 2011 11:01:01 +1200
From: Brian E Carpenter <brian.e.carpenter(a)gmail.com>
To: iepg(a)iepg.org
Subject: The apparent BGP4 square law relationships
Reply-to: iepg(a)iepg.org
Hi,
I first talked about this topic at the IEPG meeting in Dublin 3 years
ago. I've just updated the graphs with the most recent data, so I thought
people here might be vaguely interested.
http://www.cs.auckland.ac.nz/~brian/sqlaw.html
Regards
Brian Carpenter
----- End forwarded message -----
1
0
FW: Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability
by Network IP Dog 28 Sep '11
by Network IP Dog 28 Sep '11
28 Sep '11
FYI & Heads UP!!!
-----Original Message-----
From: Cisco Systems Product Security Incident Response Team
[mailto:psirt@cisco.com]
Sent: Wednesday, September 28, 2011 9:00 AM
To: nanog(a)nanog.org
Cc: psirt(a)cisco.com
Subject: Cisco Security Advisory: Cisco IOS Software Data-Link Switching
Vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco IOS Software Data-Link Switching
Vulnerability
Advisory ID: cisco-sa-20110928-dlsw
Revision 1.0
For Public Release 2011 September 28 1600 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco IOS Software contains a memory leak vulnerability in the
Data-Link Switching (DLSw) feature that could result in a device
reload when processing crafted IP Protocol 91 packets.
Cisco has released free software updates that address this
vulnerability.
This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110928-dlsw.shtml.
Note: The September 28, 2011, Cisco IOS Software Security Advisory
bundled publication includes ten Cisco Security Advisories. Nine of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the Cisco IOS Software releases that
correct the vulnerability or vulnerabilities detailed in the advisory as
well as the Cisco IOS Software releases that correct all vulnerabilities
in the September 2011 Bundled Publication.
Individual publication links are in "Cisco Event Response: Semiannual
Cisco IOS Software Security Advisory Bundled Publication" at the
following link:
http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_sep11.html
Affected Products
=================
Vulnerable Products
+------------------
Cisco IOS devices with the DLSw promiscuous feature enabled are affected
by the vulnerability described in this advisory. Devices with the DLSw
promiscuous feature enabled contain a line in the configuration defining
a local DLSw peer with the promiscuous keyword. This configuration
can be observed by issuing the command "show running-config". Systems
configured with the DLSw promiscuous feature enabled contain a line
similar to one of the following:
dlsw local-peer promiscuous
or
dlsw local-peer peer-id <IP address> promiscuous
To determine the software that runs on a Cisco IOS device, log in to
the device and issue the "show version" command to display the system
banner. Cisco IOS Software identifies itself as "Cisco Internetwork
Operating System Software" or "Cisco IOS Software." Other Cisco devices
do not have the "show version" command or give different output.
The following example shows output from a device running IOS version
15.0(1)M1:
Router> show version
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version
15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 17:17 by prod_rel_team
Additional information about Cisco IOS Software release naming
conventions is available in the white paper Cisco IOS and NX-OS
Software Reference Guide at:
http://www.cisco.com/web/about/security/intelligence/ios-ref.html.
Products Confirmed Not Vulnerable
+--------------------------------
No other Cisco products are currently known to be affected by this
vulnerability.
Details
=======
DLSw provides a means of transporting IBM Systems Network
Architecture (SNA) and network BIOS (NetBIOS) traffic over an IP
network. The Cisco implementation of DLSw over Fast Sequence
Transport (FST) uses IP Protocol 91. The promiscuous DLSw feature
permits the local peer to establish connection with remote peers that
are not statically configured.
A Cisco IOS device that is configured for DLSw listens for IP
protocol 91 packets. Depending on the DLSw configuration, UDP port
2067, and, one or more TCP ports can also be opened. The
vulnerability described in this document can only be exploited via IP
Protocol 91 and can not be exploited using either the UDP or TCP
transports.
Devices with only statically configured DLSw peers are not affected
by this vulnerability.
This vulnerability is documented in Cisco bug ID CSCth69364 and has been
assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2011-0945.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of
the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding
CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the
environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
* CSCth69364 ("DLSw FST Memory Leak")
CVSS Base Score - 7.8
Access Vector - Network
Access Complexity - Low
Authentication - None
Confidentiality Impact - None
Integrity Impact - None
Availability Impact - Complete
CVSS Temporal Score - 6.4
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
======
Successful exploitation of the vulnerability may result in a memory
leak that can lead to a denial of service condition. Memory
exhaustion can cause an affected Cisco IOS device to reload or become
unresponsive; a power cycle might be required to recover from the
condition.
To identify the memory leak caused by this vulnerability, issue the
"show dlsw peers | include FST.*DISCONN" command; a monotonically
increasing list of FST peers that remain in the DISCONN state indicates
that memory is being held, as shown in the following example:
Router> show dlsw peers | include FST.*DISCONN
FST 176.74.146.194 DISCONN 1 0 prom 0 - -
-
FST 9.180.128.186 DISCONN 1 0 prom 0 - -
-
FST 139.71.105.39 DISCONN 1 0 prom 0 - -
-
FST 138.150.39.18 DISCONN 1 0 prom 0 - -
-
FST 253.240.220.167 DISCONN 1 0 prom 0 - -
-
FST 252.186.119.224 DISCONN 1 0 prom 0 - -
-
FST 41.255.172.252 DISCONN 1 0 prom 0 - -
-
! --- Output truncated
Router>
Software Versions and Fixes
===========================
When considering software upgrades, also consult
http://www.cisco.com/go/psirt and any subsequent advisories to determine
exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the
devices to be upgraded contain sufficient memory and that current
hardware and software configurations will continue to be supported
properly by the new release. If the information is not clear, contact
the Cisco Technical Assistance Center (TAC) or your contracted
maintenance provider for assistance.
Additionally, the Cisco IOS Software Checker is available on
the Cisco Security Intelligence Operations (SIO) portal at
http://tools.cisco.com/security/center/selectIOSVersion.x. It provides
several features for checking which Security Advisories affect specified
versions of Cisco IOS Software.
Cisco IOS Software
+-----------------
Each row of the following Cisco IOS Software table corresponds to a
Cisco IOS Software train. If a particular train is vulnerable, the
earliest releases that contain the fix are listed in the First Fixed
Release For This Advisory column. The First Fixed Release for All
Advisories in the September 2011 Bundled Publication column lists the
earliest possible releases that correct all the published
vulnerabilities in the Cisco IOS Software Security Advisory bundled
publication. Cisco recommends upgrading to the latest available
release, where possible.
+------------------------------------------------------------+
| Major | Availability of Repaired Releases |
| Release | |
|------------+-----------------------------------------------|
| Affected | | First Fixed Release |
| 12.0-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------------------------------------------------------|
| There are no affected 12.0-based releases |
|------------------------------------------------------------|
| Affected | | First Fixed Release |
| 12.1-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.1E | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.2-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.2 | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | |
| | fixed in Release 12.4 | |
| 12.2B | | Vulnerable; first |
| | Releases up to and | fixed in Release 12.4 |
| | including 12.2(2)B7 | |
| | are not vulnerable. | |
|------------+-----------------------+-----------------------|
| 12.2BC | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2BW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | |
| | fixed in Release | |
| | 12.2SB | Vulnerable; first |
| 12.2BX | | fixed in Release |
| | Releases up to and | 12.2SB |
| | including 12.2(15)BX | |
| | are not vulnerable. | |
|------------+-----------------------+-----------------------|
| 12.2BY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2BZ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2CX | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2CY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2CZ | Not vulnerable | fixed in Release |
| | | 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2DA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2DD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2DX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2EU | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Releases up to and |
| 12.2EW | Not vulnerable | including 12.2(20)EW4 |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+-----------------------+-----------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| 12.2EZ | Not vulnerable | to any release in |
| | | 15.0SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2FX | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2FY | Not vulnerable | fixed in Release |
| | | 12.2EX |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2FZ | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRA | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRB | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRC | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IRD | 12.2(33)IRD1 | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2IRE | 12.2(33)IRE3 | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; migrate |
| 12.2IRF | to any release in | to any release in |
| | 12.2IRG | 12.2IRG |
|------------+-----------------------+-----------------------|
| 12.2IRG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXA | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXB | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXC | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXD | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXE | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXF | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXG | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2IXH | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2JK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2MB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2MC | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2MRA | Not vulnerable | fixed in Release |
| | | 12.2SRD |
|------------+-----------------------+-----------------------|
| 12.2MRB | Not vulnerable | 12.2(33)MRB5 |
|------------+-----------------------+-----------------------|
| | Releases prior to | Releases prior to |
| | 12.2(30)S are | 12.2(30)S are |
| | vulnerable; Releases | vulnerable; Releases |
| 12.2S | 12.2(30)S and later | 12.2(30)S and later |
| | are not vulnerable. | are not vulnerable. |
| | First fixed in | First fixed in |
| | Release 12.2SB | Release 12.2SB |
|------------+-----------------------+-----------------------|
| | 12.2(31)SB20 | 12.2(31)SB2012.2(33) |
| 12.2SB | | SB10 |
| | 12.2(33)SB10 | |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SBC | fixed in Release | fixed in Release |
| | 12.2SB | 12.2SB |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SCA | fixed in Release | fixed in Release |
| | 12.2SCC | 12.2SCC |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SCB | fixed in Release | fixed in Release |
| | 12.2SCC | 12.2SCC |
|------------+-----------------------+-----------------------|
| 12.2SCC | 12.2(33)SCC7 | 12.2(33)SCC7 |
|------------+-----------------------+-----------------------|
| | 12.2(33)SCD6 | |
| 12.2SCD | | 12.2(33)SCD6 |
| | 12.2(33)SCD7 | |
|------------+-----------------------+-----------------------|
| | 12.2(33)SCE1 | 12.2(33)SCE112.2(33) |
| 12.2SCE | | SCE2 |
| | 12.2(33)SCE2 | |
|------------+-----------------------+-----------------------|
| 12.2SCF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SE | Not vulnerable | 12.2(55)SE312.2(58)SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEA | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEB | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEC | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SED | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEE | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.2SEF | Not vulnerable | fixed in Release |
| | | 12.2SE |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(25)SEG4 are |
| | | vulnerable; Releases |
| 12.2SEG | Not vulnerable | 12.2(25)SEG4 and |
| | | later are not |
| | | vulnerable. First |
| | | fixed in Release |
| | | 12.2EX |
|------------+-----------------------+-----------------------|
| | Releases prior to | Releases prior to |
| | 12.2(40)SG are | 12.2(53)SG4 are |
| 12.2SG | vulnerable; Releases | vulnerable; Releases |
| | 12.2(40)SG and later | 12.2(53)SG4 and later |
| | are not vulnerable. | are not vulnerable. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2SGA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2SL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2SM | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2SO | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SQ | Not vulnerable | 12.2(50)SQ3 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SRA | fixed in Release | fixed in Release |
| | 12.2SRD | 12.2SRD |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SRB | fixed in Release | fixed in Release |
| | 12.2SRD | 12.2SRD |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SRC | fixed in Release | fixed in Release |
| | 12.2SRD | 12.2SRD |
|------------+-----------------------+-----------------------|
| 12.2SRD | 12.2(33)SRD6 | 12.2(33)SRD6 |
|------------+-----------------------+-----------------------|
| 12.2SRE | 12.2(33)SRE3 | 12.2(33)SRE4 |
|------------+-----------------------+-----------------------|
| 12.2STE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SU | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Releases prior to | Releases prior to |
| | 12.2(29a)SV are | 12.2(29a)SV are |
| | vulnerable; Releases | vulnerable; Releases |
| 12.2SV | 12.2(29a)SV and later | 12.2(29a)SV and later |
| | are not vulnerable. | are not vulnerable. |
| | Migrate to any | Migrate to any |
| | release in 12.2SVD | release in 12.2SVD |
|------------+-----------------------+-----------------------|
| 12.2SVA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SVE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | Vulnerable; contact |
| | 12.2(25)SW12 are | your support |
| | vulnerable; Releases | organization per the |
| 12.2SW | 12.2(25)SW12 and | instructions in the |
| | later are not | Obtaining Fixed |
| | vulnerable. | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SX | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXA | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXB | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXD | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SXE | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| 12.2SXF | 12.2(18)SXF17b | 12.2(18)SXF17b |
|------------+-----------------------+-----------------------|
| 12.2SXH | 12.2(33)SXH8a | 12.2(33)SXH8a |
|------------+-----------------------+-----------------------|
| 12.2SXI | 12.2(33)SXI6 | 12.2(33)SXI6 |
|------------+-----------------------+-----------------------|
| 12.2SXJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2SY | 12.2(50)SY | 12.2(50)SY |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2SZ | fixed in Release | fixed in Release |
| | 12.2SB | 12.2SB |
|------------+-----------------------+-----------------------|
| 12.2T | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2TPC | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2XA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XB | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2XC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XH | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XI | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XM | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XN | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNA | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNB | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNC | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XND | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNE | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Please see Cisco | Please see Cisco |
| 12.2XNF | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | | Releases prior to |
| | | 12.2(54)XO are |
| 12.2XO | Not vulnerable | vulnerable; Releases |
| | | 12.2(54)XO and later |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| 12.2XQ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XR | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XS | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XT | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XU | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XV | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2XW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | |
| | 12.2(4)YA8 are | |
| | vulnerable; Releases | Vulnerable; first |
| 12.2YA | 12.2(4)YA8 and later | fixed in Release 12.4 |
| | are not vulnerable. | |
| | First fixed in | |
| | Release 12.4 | |
|------------+-----------------------+-----------------------|
| 12.2YB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YF | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YG | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YH | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | Releases prior to | your support |
| | 12.2(8)YJ1 are | organization per the |
| 12.2YJ | vulnerable; Releases | instructions in the |
| | 12.2(8)YJ1 and later | Obtaining Fixed |
| | are not vulnerable. | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YL | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YM | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YN | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2YO | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2YP | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YQ | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.2YR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YS | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YT | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YU | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | Releases prior to | your support |
| | 12.2(11)YV1 are | organization per the |
| 12.2YV | vulnerable; Releases | instructions in the |
| | 12.2(11)YV1 and later | Obtaining Fixed |
| | are not vulnerable. | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YW | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YX | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YY | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2YZ | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2ZA | fixed in Release | fixed in Release |
| | 12.2SXF | 12.2SXF |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZB | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2ZC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2ZD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.2ZE | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2ZF | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.2ZG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | |
| | 12.2(13)ZH6 are | |
| | vulnerable; Releases | Vulnerable; first |
| 12.2ZH | 12.2(13)ZH6 and later | fixed in Release 12.4 |
| | are not vulnerable. | |
| | First fixed in | |
| | Release 12.4 | |
|------------+-----------------------+-----------------------|
| 12.2ZJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZL | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.2ZP | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.2ZU | fixed in Release | fixed in Release |
| | 12.2SXH | 12.2SXH |
|------------+-----------------------+-----------------------|
| 12.2ZX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZY | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.2ZYA | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.3-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.3 | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3B | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.3BC | Not vulnerable | fixed in Release |
| | | 12.2SCC |
|------------+-----------------------+-----------------------|
| 12.3BW | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JEA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JEB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JEC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JED | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases up to and | Releases up to and |
| | including 12.3(2)JK3 | including 12.3(2)JK3 |
| | are not vulnerable. | are not vulnerable. |
| 12.3JK | Releases 12.3(8)JK1 | Releases 12.3(8)JK1 |
| | and later are not | and later are not |
| | vulnerable. First | vulnerable. First |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3JL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3JX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3T | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | Releases up to and | your support |
| | including 12.3(4) | organization per the |
| 12.3TPC | TPC11a are not | instructions in the |
| | vulnerable. | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3VA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Releases prior to | |
| | 12.3(2)XA7 are | |
| | vulnerable; Releases | Vulnerable; first |
| 12.3XA | 12.3(2)XA7 and later | fixed in Release 12.4 |
| | are not vulnerable. | |
| | First fixed in | |
| | Release 12.4 | |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XB | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XC | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XD | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XE | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XF | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XG | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3XI | fixed in Release | fixed in Release |
| | 12.2SB | 12.2SB |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XJ | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XK | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3XL | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.3XQ | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XR | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XS | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3XU | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3XW | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| 12.3XX | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3XY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3XZ | Vulnerable; first | Vulnerable; first |
| | fixed in Release 12.4 | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3YA | Not vulnerable | Vulnerable; first |
| | | fixed in Release 12.4 |
|------------+-----------------------+-----------------------|
| 12.3YD | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YF | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YG | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YH | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YI | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YJ | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.3YK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.3YM | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YQ | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | |
| | fixed in Release | |
| | 12.4T | Vulnerable; first |
| 12.3YS | | fixed in Release |
| | Releases up to and | 12.4T |
| | including 12.3(11)YS1 | |
| | are not vulnerable. | |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YT | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3YU | fixed in Release | fixed in Release |
| | 12.4XB | 12.4XB |
|------------+-----------------------+-----------------------|
| | Vulnerable; migrate | Vulnerable; first |
| 12.3YX | to any release in | fixed in Release |
| | 12.4XR | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.3YZ | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.3ZA | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 12.4-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| 12.4 | 12.4(25e) | 12.4(25f) |
|------------+-----------------------+-----------------------|
| 12.4GC | 12.4(24)GC4 | 12.4(24)GC4 |
|------------+-----------------------+-----------------------|
| 12.4JA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JAX | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JDA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JDC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JHC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JL | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JMA | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4JMB | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; migrate |
| | | to any release in |
| | | 12.4JA |
| 12.4JX | Not vulnerable | |
| | | Releases up to and |
| | | including 12.4(21a)JX |
| | | are not vulnerable. |
|------------+-----------------------+-----------------------|
| 12.4JY | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4MD | Not vulnerable | 12.4(24)MD6 on |
| | | 28-Oct-2011 |
|------------+-----------------------+-----------------------|
| 12.4MDA | Not vulnerable | 12.4(24)MDA7 |
|------------+-----------------------+-----------------------|
| 12.4MDB | Not vulnerable | 12.4(24)MDB3 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4MR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4MRA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.4MRB | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4SW | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | 12.4(15)T15 | 12.4(15)T16 |
| 12.4T | | |
| | 12.4(24)T5 | 12.4(24)T6 |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4XA | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4XB | 12.4(2)XB12 | 12.4(2)XB12 |
|------------+-----------------------+-----------------------|
| 12.4XC | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4XD | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4XE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.4XF | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4XG | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4XJ | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| 12.4XK | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.4XL | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Releases up to and | |
| | including 12.4(15)XM | |
| | are not vulnerable. | |
| | | Vulnerable; first |
| 12.4XM | Releases 12.4(15)XM3 | fixed in Release |
| | and later are not | 12.4T |
| | vulnerable. First | |
| | fixed in Release | |
| | 12.4T | |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.4XN | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.4XP | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.4XQ | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 12.4XR | Not vulnerable | fixed in Release |
| | | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4XT | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| 12.4XV | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4XW | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4XY | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4XZ | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 12.4YA | fixed in Release | fixed in Release |
| | 12.4T | 12.4T |
|------------+-----------------------+-----------------------|
| | Vulnerable; contact | Vulnerable; contact |
| | your support | your support |
| | organization per the | organization per the |
| 12.4YB | instructions in the | instructions in the |
| | Obtaining Fixed | Obtaining Fixed |
| | Software section of | Software section of |
| | this advisory. | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4YD | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; fixed in |
| | | 12.4(22)YE6 on |
| 12.4YE | Not vulnerable | 30-Sept-2011; 12.4 |
| | | (24)YE7 available on |
| | | 17-Oct-2011 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 12.4YG | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 15.0-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| | 15.0(1)M4 | |
| 15.0M | | 15.0(1)M7 |
| | 15.0(1)M5a | |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.0MR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.0MRA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | 15.0(1)S3a | |
| | | 15.0(1)S4 |
| | 15.0(1)S4 | |
| 15.0S | | Cisco IOS XE devices: |
| | Cisco IOS XE devices: | Please see Cisco |
| | Please see Cisco | IOS-XE Software |
| | IOS-XE Software | Availability |
| | Availability | |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.0SA | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| 15.0SE | Not vulnerable | Not vulnerable |
|------------+-----------------------+-----------------------|
| | Cisco IOS XE devices: | Cisco IOS XE devices: |
| 15.0SG | Please see Cisco | Please see Cisco |
| | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 15.0XA | fixed in Release | fixed in Release |
| | 15.1T | 15.1T |
|------------+-----------------------+-----------------------|
| | Cisco IOS XE devices: | Cisco IOS XE devices: |
| 15.0XO | Please see Cisco | Please see Cisco |
| | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 15.1-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.1EY | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | | Vulnerable; first |
| 15.1GC | Not vulnerable | fixed in Release |
| | | 15.1T |
|------------+-----------------------+-----------------------|
| 15.1M | Not vulnerable | 15.1(4)M2; Available |
| | | on 30-SEP-11 |
|------------+-----------------------+-----------------------|
| | | Vulnerable; contact |
| | | your support |
| | | organization per the |
| 15.1MR | Not vulnerable | instructions in the |
| | | Obtaining Fixed |
| | | Software section of |
| | | this advisory. |
|------------+-----------------------+-----------------------|
| | 15.1(1)S1 | 15.1(2)S2 |
| | | |
| | 15.1(2)S | 15.1(3)S |
| 15.1S | | |
| | Cisco IOS XE devices: | Cisco IOS XE devices: |
| | Please see Cisco | Please see Cisco |
| | IOS-XE Software | IOS-XE Software |
| | Availability | Availability |
|------------+-----------------------+-----------------------|
| | 15.1(1)T3 | |
| | | |
| | 15.1(2)T2 | 15.1(2)T4 15.1(1)T4 |
| 15.1T | | on 8-Dec-2011 |
| | 15.1(2)T2a | |
| | | |
| | 15.1(3)T | |
|------------+-----------------------+-----------------------|
| | Vulnerable; first | Vulnerable; first |
| 15.1XB | fixed in Release | fixed in Release |
| | 15.1T | 15.1T |
|------------+-----------------------+-----------------------|
| Affected | | First Fixed Release |
| 15.2-Based | First Fixed Release | for All Advisories in |
| Releases | | the September 2011 |
| | | Bundled Publication |
|------------------------------------------------------------|
| There are no affected 15.2-based releases |
+------------------------------------------------------------+
Cisco IOS XE Software
+--------------------
Cisco IOS XE Software is affected by the vulnerability disclosed in
this document.
+------------------------------------------------------------+
| Cisco | First | First Fixed Release for All |
| IOS XE | Fixed | Advisories in the September 2011 |
| Release | Release | Bundled Publication |
|----------+------------+------------------------------------|
| 2.1.x | Not | Vulnerable; migrate to 3.3.2S or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 2.2.x | Not | Vulnerable; migrate to 3.3.2S or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 2.3.x | Not | Vulnerable; migrate to 3.3.2S or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 2.4.x | Not | Vulnerable; migrate to 3.3.2S or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 2.5.x | Not | Vulnerable; migrate to 3.3.2S or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 2.6.x | Not | Vulnerable; migrate to 3.3.2S or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 3.1.xS | 3.1.3S | Vulnerable; migrate to 3.3.2S or |
| | | later |
|----------+------------+------------------------------------|
| 3.1.xSG | Not | Vulnerable; migrate to 3.2.0SG or |
| | vulnerable | later |
|----------+------------+------------------------------------|
| 3.2.xS | 3.2.1S | Vulnerable; migrate to 3.3.2S or |
| | | later |
|----------+------------+------------------------------------|
| 3.2.xSG | Not | Not vulnerable |
| | vulnerable | |
|----------+------------+------------------------------------|
| 3.3.xS | Not | 3.3.2S |
| | vulnerable | |
|----------+------------+------------------------------------|
| 3.4.xS | Not | Not vulnerable |
| | vulnerable | |
+------------------------------------------------------------+
For mapping of Cisco IOS XE to Cisco IOS releases, please refer to
the Cisco IOS XE 2 Release Notes, Cisco IOS XE 3S Release Notes, and
Cisco IOS XE 3SG Release Notes.
Cisco IOS XR Software
+--------------------
Cisco IOS XR Software is not affected by any of the vulnerabilities
in the September 2011 bundled publication.
Workarounds
===========
This vulnerability can be mitigated by using Control Plane Policing
(CoPP) to only allow IP Protocol 91 packets sent by valid peers.
Mitigation techniques that can be deployed on Cisco devices within
the network are available in the Cisco Applied Mitigation Bulletin
companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20110928-dlsw.shtml
Control Plane Policing
+---------------------
Control Plane Policing (CoPP) can be used to block untrusted IP
Protocol 91 packets sent to the affected device. Cisco IOS Software
Releases 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T support the
CoPP feature. CoPP may be configured on a device to protect the
management and control planes to minimize the risk and effectiveness
of direct infrastructure attacks by explicitly permitting, and if
configured, rate-limiting only authorized traffic that is sent to
infrastructure devices in accordance with existing security policies
and configurations. The following example, which uses 192.168.100.1
to represent a trusted host, can be adapted to your network.
!-- Deny FST traffic on IP protocol 91 from trusted
!-- hosts to all IP addresses configured on all interfaces of the
affected device
!-- so that it will be allowed by the CoPP feature
access-list 111 deny 91 host 192.168.100.1 any
!-- Permit all other FST traffic on IP protocol 91
!-- sent to all IP addresses configured on all interfaces of the
affected
!-- device so that it will be policed and dropped by the CoPP feature
access-list 111 permit 91 any any
!-- Permit (Police or Drop)/Deny (Allow) all other Layer3
!-- and Layer4 traffic in accordance with existing security
!-- policies and configurations for traffic that is authorized
!-- to be sent to infrastructure devices
!-- Create a Class-Map for traffic to be policed by
!-- the CoPP feature
class-map match-all drop-fst-91-class
match access-group 111
!-- Create a Policy-Map that will be applied to the
!-- Control-Plane of the device.
policy-map input-CoPP-policy
class drop-fst-91-class
drop
!-- Apply the Policy-Map to the Control-Plane of the
!-- device
control-plane
service-policy input input-CoPP-policy
In the above CoPP example, the access control list entries (ACEs)
that match the potential exploit packets with the "permit" action
result in these packets being discarded by the policy map "drop"
function, while packets that match the deny action (not shown) are
not affected by the policy-map drop function. Note that in the 12.2S
and 12.0S Cisco IOS trains the policy-map syntax is different, as
shown in the following example:
policy-map input-CoPP-policy
class drop-fst-91-class
police 32000 1500 1500 conform-action drop exceed-action drop
Additional information on the CoPP feature is available at: Control
Plane Policing Implementation Best Practices.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature
sets they have purchased. By installing, downloading, accessing
or otherwise using such software upgrades, customers agree to be
bound by the terms of Cisco's software license terms found at
http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,
or as otherwise set forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt(a)cisco.com or security-alert(a)cisco.com for
software upgrades.
Customers with Service Contracts
+-------------------------------
Customers with contracts should obtain upgraded software through
their regular update channels. For most customers, this means that
upgrades should be obtained through the Software Center on Cisco's
worldwide website at http://www.cisco.com.
Customers using Third Party Support Organizations
+------------------------------------------------
Customers whose Cisco products are provided or maintained through
prior or existing agreements with third-party support organizations,
such as Cisco Partners, authorized resellers, or service providers
should contact that support organization for guidance and assistance
with the appropriate course of action in regards to this advisory.
The effectiveness of any workaround or fix is dependent on specific
customer situations, such as product mix, network topology, traffic
behavior, and organizational mission. Due to the variety of affected
products and releases, customers should consult with their service
provider or support organization to ensure any applied workaround or
fix is the most appropriate for use in the intended network before it
is deployed.
Customers without Service Contracts
+----------------------------------
Customers who purchase direct from Cisco but do not hold a Cisco
service contract, and customers who purchase through third-party
vendors but are unsuccessful in obtaining fixed software through
their point of sale should acquire upgrades by contacting the Cisco
Technical Assistance Center (TAC). TAC contacts are as follows.
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac(a)cisco.com
Customers should have their product serial number available and be
prepared to give the URL of this notice as evidence of entitlement to
a free upgrade. Free upgrades for non-contract customers must be
requested through the TAC.
Refer to
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
for additional TAC contact information, including localized telephone
numbers, and instructions and e-mail addresses for use in various
languages.
Exploitation and Public Announcements
=====================================
The Cisco PSIRT is not aware of any public announcements or malicious
use of the vulnerability described in this advisory.
This vulnerability was discovered during Cisco internal testing.
Status of this Notice: FINAL
============================
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS
AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that
omits the distribution URL in the following section is an
uncontrolled copy, and may lack important information or contain
factual errors.
Distribution
============
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110323-dlsw.shtml
In addition to worldwide web posting, a text version of this notice
is clear-signed with the Cisco PSIRT PGP key and is posted to the
following e-mail and Usenet news recipients.
* cust-security-announce(a)cisco.com
* first-bulletins(a)lists.first.org
* bugtraq(a)securityfocus.com
* vulnwatch(a)vulnwatch.org
* cisco(a)spot.colorado.edu
* cisco-nsp(a)puck.nether.net
* full-disclosure(a)lists.grok.org.uk
* comp.dcom.sys.cisco(a)newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's
worldwide website, but may or may not be actively announced on
mailing lists or newsgroups. Users concerned about this problem are
encouraged to check the above URL for any updates.
Revision History
================
+------------------------------------------------------------+
| Revision 1.0 | 2011-September-28 | Initial public release |
+------------------------------------------------------------+
Cisco Security Procedures
=========================
Complete information on reporting security vulnerabilities
in Cisco products, obtaining assistance with security
incidents, and registering to receive security information
from Cisco, is available on Cisco's worldwide website at
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.h
tml.
This includes instructions for press inquiries regarding
Cisco security notices. All Cisco security advisories are available at
http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iF4EAREIAAYFAk6Cp2EACgkQQXnnBKKRMNDlUwD/RunFKu5OItJXD8gTi5PtkxMz
CoIx3+/EIJjznWKJnBoA/3bh8zYaW5Et3pvnmF9Hm2nImvFT1jMZOIv1zWfAMsXX
=oqzZ
-----END PGP SIGNATURE-----
1
0