Help with AS-Path manipulation
Saku Ytti
saku at ytti.fi
Sat Sep 15 11:46:07 CEST 2018
You could recreate the route via static route and depend on existing
one. In static route you can attach AS-PATH in any way you want.
route 2.20.144.0/22 unreachable {
bgp_local_pref = 0;
bgp_path.prepend(20940);
bgp_path.prepend(20940);
bgp_path.prepend(10429);
bgp_path.prepend(12956);
};
For other interested parties, there are many use cases for AS_PATH manipulatoin
a) injecting realistic RIB to DUT
b) network-based firewall running eBGP (ASnet => ASfw => ASnet => ASfw
=> ASnet to firewall traffic between two VRFs)
c) security research, hijack detection testing
d) many things I likely don't know about, but are reasonable
Lot of commercial BGP solutions support AS_PATH manipulation.
On Sat, 15 Sep 2018 at 07:01, Marcio <marciovinicius.santos at uniriotec.br> wrote:
>
> I'd like to perform a Hijacking but changing a soecific position of AS Path. Is it poasible to perform it with BIRD? If not, is there another way to do this?
>
> Em sex, 14 de set de 2018 12:37, Job Snijders <job at instituut.net> escreveu:
>>
>> Dear Marcio,
>>
>> What is your use case for extensive manipulation of the AS_PATH?
>>
>> Kind regards,
>>
>> Job
>>
>> On Fri, 14 Sep 2018 at 16:02, Marcio <marciovinicius.santos at uniriotec.br> wrote:
>>>
>>> Dear,
>>>
>>> Could you help me with an information? Is there a way to generate an announce modifying the AS Path field using BIRD? For example, i´d like to announce a prefix with a false AS Path field where i could change it, inserting or removing an AS.
--
++ytti
More information about the Bird-users
mailing list