On 2014-08-21, Adam Thompson <athom...@athompso.net> wrote: > I'm still baffled - why do you want to reject routes containing private ASNs? > It's strange and odd, but not invalid or illegal.
Quite - I don't see much value in doing this, OK so some network in the path screwed up by accepting these routes from their downstream, but blocking those (currently 130-odd) prefixes isn't going to punish the right people, and may hurt you. It's not like blocking announcements of bad *address space*.. > AFAICT, it's analogous to routing public IP traffic across a link that uses > RFC1918 addresses - completely irrelevant to the end-user. Actually that may be relevant to the end-user in some (limited) cases because ICMP messages may get sent from those addresses and then filtered .. There is a situation where the private ASNs may be relevant to an end user; if that user is running BGP themselves, taking full table, and using the same ASN internally, loop detection will kill those routes. I would hazard a guess at this being even more limited though (and I don't think this would be a good reason to reject all such routes outright).
