Announcing long AS-sets tomorrow
Hi, as part of our AS-set stuffing experiments (announced, including links to in-depth information, in [1]), we will be announcing unusually large AS-sets tomorrow, Thursday 16 June. The prefixes involved will be 84.205.73.0/24 and 84.205.89.0/24, both orignating in AS12654. The AS-sets will consist of AS12654 repeated n times, thus the paths will look like 12654 {12654, 12654, ..., 12654}. No other AS numbers will be used. The values of n we will use are 25, 50, 75 and 100. The announcements are designed to discover how far large AS-sets are propagated, and thus how effective our techniques can be, in today's Internet with today's IPv4 operational practices. This is *not* a test to see if routers will fall over: we have successfully tested longer AS-sets in the lab on both Cisco and Juniper, and longer AS-paths and AS-sets have been observed in the wild [2,3]. See [1] for more information on the safety of these announcements. The proposed schedule is as follows: 84.205.73.0/24 84.205.89.0/24 14:00 UTC: 25-element AS-set 50-element AS-set 14:30 UTC: withdrawal withdrawal 16:00 UTC: 75-element AS-set 100-element AS-set 16:30 UTC: withdrawal withdrawal If anyone should see a problem during the announcements, please contact me and I will take immediate action. Regards, Lorenzo [1] http://www.merit.edu/mail.archives/nanog/2005-06/msg00210.html [2] http://www.ripe.net/projects/ris/Talks/0101_RIPE38_AA/sld003.html [3] http://www.ripe.net/maillists/ncc-archives/ris-users/2002/msg00044.html -- lorenzo@ripe.net colitti@dia.uniroma3.it www.ripe.net www.dia.uniroma3.it/~compunet RIPE NCC Roma Tre Computer Networks research group
On Wed, 2005-06-15 at 11:27 +0200, Lorenzo Colitti wrote:
Hi,
as part of our AS-set stuffing experiments (announced, including links to in-depth information, in [1]), we will be announcing unusually large AS-sets tomorrow, Thursday 16 June.
It would be *very* nice if you could announce this at least a week in advance instead of "tomorrow we are going to abuse the internet for some weird testing". Then folks could add some filtering to discard your announcements.
This is *not* a test to see if routers will fall over: we have successfully tested longer AS-sets in the lab on both Cisco and Juniper, and longer AS-paths and AS-sets have been observed in the wild [2,3].
Unfortunately, especially in the case of Cisco's, there are a lot of varying versions, with each and every one of them their own special little bugs. Also don't forget that there are actually people using other setups than C and J boxes. Not that it would be bad when they would fall over, it would be bad if they would keep on transmitting these paths, like what Cisco's tend to do when not forwarding to other peers that the prefix was actually retracted. PS: Don't forget to notify our asian colleagues. Greets, Jeroen
Hey guys, A longer heads-up would have been nice, something like a week. This 24 hour notice is unfortunate. Thanks, Christian On 6/15/05 5:27 AM, "Lorenzo Colitti" <lorenzo@ripe.net> wrote:
Hi,
as part of our AS-set stuffing experiments (announced, including links to in-depth information, in [1]), we will be announcing unusually large AS-sets tomorrow, Thursday 16 June.
The prefixes involved will be 84.205.73.0/24 and 84.205.89.0/24, both orignating in AS12654. The AS-sets will consist of AS12654 repeated n times, thus the paths will look like 12654 {12654, 12654, ..., 12654}. No other AS numbers will be used. The values of n we will use are 25, 50, 75 and 100.
The announcements are designed to discover how far large AS-sets are propagated, and thus how effective our techniques can be, in today's Internet with today's IPv4 operational practices. This is *not* a test to see if routers will fall over: we have successfully tested longer AS-sets in the lab on both Cisco and Juniper, and longer AS-paths and AS-sets have been observed in the wild [2,3]. See [1] for more information on the safety of these announcements.
The proposed schedule is as follows:
84.205.73.0/24 84.205.89.0/24 14:00 UTC: 25-element AS-set 50-element AS-set 14:30 UTC: withdrawal withdrawal
16:00 UTC: 75-element AS-set 100-element AS-set 16:30 UTC: withdrawal withdrawal
If anyone should see a problem during the announcements, please contact me and I will take immediate action.
Regards, Lorenzo
[1] http://www.merit.edu/mail.archives/nanog/2005-06/msg00210.html [2] http://www.ripe.net/projects/ris/Talks/0101_RIPE38_AA/sld003.html [3] http://www.ripe.net/maillists/ncc-archives/ris-users/2002/msg00044.html
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. 163
Lorenzo Colitti wrote:
as part of our AS-set stuffing experiments (announced, including links to in-depth information, in [1]), we will be announcing unusually large AS-sets tomorrow, Thursday 16 June.
Hi, due to unforeseen technical difficulties, we have been forced to postpone these experiments. We plan to make the announcements at the same times on Monday 20 June. The prefixes will be the same (84.205.73.0/24 and 84.205.89.0/24) and will be originated by AS12654 as before, but the AS-set will consist of AS2121 repeated n times, so the paths will look like 12654 {2121, 2121, ..., 2121}. AS2121 is the RIPE meeting AS, which is reserved for RIPE meetings and does not currently appear in the global routing table. As before, should anyone encounter a problem with these experiments, please let me know and I will take immediate action. Regards, Lorenzo -- lorenzo@ripe.net colitti@dia.uniroma3.it www.ripe.net www.dia.uniroma3.it/~compunet RIPE NCC Roma Tre Computer Networks research group
On Mon, 20 Jun 2005, Lorenzo Colitti wrote:
Lorenzo Colitti wrote:
as part of our AS-set stuffing experiments (announced, including links to in-depth information, in [1]), we will be announcing unusually large AS-sets tomorrow, Thursday 16 June.
Hi,
due to unforeseen technical difficulties, we have been forced to postpone these experiments. We plan to make the announcements at the same times on Monday 20 June.
The prefixes will be the same (84.205.73.0/24 and 84.205.89.0/24) and will be originated by AS12654 as before, but the AS-set will consist of AS2121 repeated n times, so the paths will look like 12654 {2121, 2121, ..., 2121}. AS2121 is the RIPE meeting AS, which is reserved for RIPE meetings and does not currently appear in the global routing table.
As before, should anyone encounter a problem with these experiments, please let me know and I will take immediate action.
June 15th: Lorenzo gives us 24 hours notice that he is going to be using our (a very general our here, meaning all Internet operators) network for performing his experiments on. (oh, and points out that hes been doing the same with IPv6 since last year, just unannounced, but thats okay because noone noticed) June 15th: Those that check their email frequently enough to spot this ask Lorenzo for at least a week notice before doing this in future. June 20th: Lorenzo gives us same day notice that he will be using our network as his plaything again. Anyone sufficiently behind Lorenzo in the grand scheme of things (either they have better things to do than read their email all day, or perhaps they're on the west coast USA) won't even know about this until it is too late. If something strange happens I'm not sure everyone will suddenly think better check to see if Lorenzo is playing again. I see the use of the Internet for experiments like this to be somewhat frivilous, and the notice periods given as warning even more so. I'm sure Lorenzo would not appreciate if I were to give 20 minutes warning of some clandestine experiment, such as announcing more specifics of his institutions prefixes as particularly helpful! Regards James
June 15th: Lorenzo gives us 24 hours notice that he is going to be using our (a very general our here, meaning all Internet operators) network for performing his experiments on. (oh, and points out that hes been doing the same with IPv6 since last year, just unannounced, but thats okay because noone noticed)
June 15th: Those that check their email frequently enough to spot this ask Lorenzo for at least a week notice before doing this in future.
June 20th: Lorenzo gives us same day notice that he will be using our network as his plaything again. Anyone sufficiently behind Lorenzo in the grand scheme of things (either they have better things to do than read their email all day, or perhaps they're on the west coast USA) won't even know about this until it is too late. If something strange happens I'm not sure everyone will suddenly think better check to see if Lorenzo is playing again.
I see the use of the Internet for experiments like this to be somewhat frivilous, and the notice periods given as warning even more so. I'm sure Lorenzo would not appreciate if I were to give 20 minutes warning of some clandestine experiment, such as announcing more specifics of his institutions prefixes as particularly helpful!
he is announcing his own bleedin' prefixes. get a life randy
On Mon, 2005-06-20 at 01:10 +0200, Lorenzo Colitti wrote:
Lorenzo Colitti wrote:
as part of our AS-set stuffing experiments (announced, including links to in-depth information, in [1]), we will be announcing unusually large AS-sets tomorrow, Thursday 16 June.
Hi,
due to unforeseen technical difficulties, we have been forced to postpone these experiments. We plan to make the announcements at the same times on Monday 20 June.
Yeah, add more monday morning trouble, people will love to get to work then ;) Btw, if you postponed the 'experiment', how come I did pick up this one: 84.205.73.0/24 12654 12654 {1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221} Greets, Jeroen PS: Is the 'technical difficulty' your own router falling over? :)
Jeroen Massar wrote:
Btw, if you postponed the 'experiment', how come I did pick up this one:
84.205.73.0/24 12654 12654 {1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221}
That path was announced during the window of notice we had given for the announcements. However, you will notice that that was not the complete set of announcements we intended to make, which included 25-, 50-, 75-. and 100-element AS-sets. Since we were not able to send all the announcements within the window of notice we had provided, we postponed them to avoid sending announcements when people were not expecting them.
PS: Is the 'technical difficulty' your own router falling over? :)
No. :) Regards, Lorenzo -- lorenzo@ripe.net colitti@dia.uniroma3.it www.ripe.net www.dia.uniroma3.it/~compunet RIPE NCC Roma Tre Computer Networks research group
On Mon, Jun 20, 2005 at 11:58:33AM +0200, Lorenzo Colitti wrote:
Jeroen Massar wrote:
Btw, if you postponed the 'experiment', how come I did pick up this one:
84.205.73.0/24 12654 12654 {1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221}
That path was announced during the window of notice we had given for the announcements. However, you will notice that that was not the complete set of announcements we intended to make, which included 25-, 50-, 75-. and 100-element AS-sets.
By the way, accoording to your annoucement: | The prefixes involved will be 84.205.73.0/24 and 84.205.89.0/24, both | orignating in AS12654. The AS-sets will consist of AS12654 repeated n | times, thus the paths will look like 12654 {12654, 12654, ..., 12654}. | No other AS numbers will be used. The values of n we will use are 25, | 50, 75 and 100. What's the '1221' doing there ? Grtx, MarcoH
On Mon, 2005-06-20 at 12:33 +0200, MarcoH wrote:
On Mon, Jun 20, 2005 at 11:58:33AM +0200, Lorenzo Colitti wrote:
Jeroen Massar wrote:
Btw, if you postponed the 'experiment', how come I did pick up this one:
84.205.73.0/24 12654 12654 {1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221,1221,1221,1221,1221,1221, 1221,1221,1221,1221,1221}
That path was announced during the window of notice we had given for the announcements. However, you will notice that that was not the complete set of announcements we intended to make, which included 25-, 50-, 75-. and 100-element AS-sets.
By the way, accoording to your annoucement:
| The prefixes involved will be 84.205.73.0/24 and 84.205.89.0/24, both | orignating in AS12654. The AS-sets will consist of AS12654 repeated n | times, thus the paths will look like 12654 {12654, 12654, ..., 12654}. | No other AS numbers will be used. The values of n we will use are 25, | 50, 75 and 100.
What's the '1221' doing there ?
That is the RIPE Meeting AS apparently, which is not used at the moment. This was mentioned in todays mail (not in the original one). According to whois though, I hope that you enlightened Geoff of taking over his AS: aut-num: AS1221 as-name: ASN-TELSTRA descr: Telstra Pty Ltd I also do hope that people are not going to filter out 1221 btw as that would sever connectivity of that AS when it is needed. Another thing to note is that neither of those two AS's have any reference to these experiments in whois. aut-num: AS12654 as-name: RIPE-NCC-RIS-AS descr: RIPE NCC RIS Project. descr: http://www.ripe.net/ris/ admin-c: HU266-RIPE tech-c: RISM-RIPE remarks: Different subsets of the routes in AS12654:RS-RIS are announced remarks: at each location. remarks: Please send peering requests to rispeering@ripe.net. mnt-by: RIPE-NCC-RIS-MNT source: RIPE # Filtered It would be nice to list it there too as mentioned before, not everybody reads the various mailinglists and there is no mention on that site either.... Greets, Jeroen
On Mon, 20 Jun 2005, Lorenzo Colitti wrote:
Hi,
due to unforeseen technical difficulties, we have been forced to postpone these experiments. We plan to make the announcements at the same times on Monday 20 June.
The prefixes will be the same (84.205.73.0/24 and 84.205.89.0/24) and will be originated by AS12654 as before, but the AS-set will consist of AS2121 repeated n times, so the paths will look like 12654 {2121, 2121, .., 2121}. AS2121 is the RIPE meeting AS, which is reserved for RIPE meetings and does not currently appear in the global routing table.
Wrong again. You used both AS1221 and AS2121: Jun 20 17:00:45: %BGP-6-ASPATH: Long AS path 20965 1299 12654 12654 {1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221 ,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221 ,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221} received from 62.40.103.69: More than configured MAXAS-LIMIT Jun 20 17:31:14: %BGP-6-ASPATH: Long AS path 20965 1299 701 702 13030 12654 12654 {1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221 ,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221 ,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221,1221} received from 62.40.103.69: More than configured MAXAS-LIMIT Jun 20 19:00:43: %BGP-6-ASPATH: Long AS path 20965 1299 12654 12654 {2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 received from 62.40.103.69: More than configured MAXAS-LIMIT Jun 20 19:30:39: %BGP-6-ASPATH: Long AS path 20965 1299 3356 16034 12654 12654 {2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 ,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121,2121 received from 62.40.103.69: More than configured MAXAS-LIMIT -Hank
On Tue, Jun 21, 2005 at 08:13:08AM +0300, Hank Nussbacher wrote:
due to unforeseen technical difficulties, we have been forced to postpone these experiments. We plan to make the announcements at the same times on Monday 20 June.
The prefixes will be the same (84.205.73.0/24 and 84.205.89.0/24) and will be originated by AS12654 as before, but the AS-set will consist of AS2121 repeated n times, so the paths will look like 12654 {2121, 2121, .., 2121}. AS2121 is the RIPE meeting AS, which is reserved for RIPE meetings and does not currently appear in the global routing table.
Wrong again. You used both AS1221 and AS2121:
Yups, smells like a small but very dangerous typo.
From a netcitizen's perpesctive and as being involved in operating a part of the internet, I'm starting to dislike this whole experiment more and more. I understand, as people already commented, the internet in fact is one big experiment, but this is getting out-of-hand.
Can the people responsible for this please reconsider and put things on hold until certain conditions are met: Publish a detailed workplan including AS-es used, windows and risk analysis to the various mailinglists. A reasonable time between annoucements and the experiment instead of 24 hours. Some assurance that input files are checked for typos. Take another look wether it is smart to use 'production' AS-es for it, such as the RIS or meeting AS numbers, instead of a seperate set. I think people are going to get real unhappy if somewhere in October they found out the meeting network is blocked at various places. Just my 2 cents, MarcoH
Can the people responsible for this please reconsider and put things on hold until certain conditions are met: Publish a detailed workplan including AS-es used, windows and risk analysis to the various mailinglists.
given they are using their own prefixes, can you please tell us what risk there might be.
Some assurance that input files are checked for typos.
hopefully better than the mean of operators doing so :-)/2 randy
On Tue, Jun 21, 2005 at 10:27:18AM +0100, Randy Bush wrote:
Can the people responsible for this please reconsider and put things on hold until certain conditions are met: Publish a detailed workplan including AS-es used, windows and risk analysis to the various mailinglists.
given they are using their own prefixes, can you please tell us what risk there might be.
Not much, but I guess people in the audience might get happy from the small note that labtests showed IOS won't crash when it encounters these annoucements. MarcoH
Can the people responsible for this please reconsider and put things on hold until certain conditions are met: Publish a detailed workplan including AS-es used, windows and risk analysis to the various mailinglists. given they are using their own prefixes, can you please tell us what risk there might be. Not much, but I guess people in the audience might get happy from the small note that labtests showed IOS won't crash when it encounters these annoucements.
showing that ios won't crash is very difficult because the number of versions of ios, and the amazing dependencies of things on which blade is in which slot and what phase is the moon. but reading the roma gang's papers and the main email note leads me to feel they have done as good a job on this as we can reasonably expect. considering that we have fellow isps dumping horrifying garbage in the rib, it's amusing how we attack a seemingly well-run very small experiment. randy
participants (7)
-
Christian Kuhtz -
Hank Nussbacher -
James A. T. Rice -
Jeroen Massar -
Lorenzo Colitti -
MarcoH -
Randy Bush