What is AS_PATH prepending and how can it be used to influence routing for security or policy purposes?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Master RIPE BGP Security with our comprehensive test. Understand the Border Gateway Protocol, explore multiple choice questions, and get ready for your exam with detailed hints and explanations.

Multiple Choice

What is AS_PATH prepending and how can it be used to influence routing for security or policy purposes?

Explanation:
AS_PATH prepending is the act of adding extra occurrences of your own AS to the AS_PATH attribute in BGP announcements. This makes the advertised route appear longer to other networks, and since many routers prefer shorter AS_PATHs, the path with the additional repeats becomes less attractive for inbound traffic. This technique is useful for security or policy reasons because you can steer inbound traffic away from certain paths or ASes and toward paths you trust or control more tightly. For example, you might prepend to push traffic to a preferred upstream or avoid passing through a source you don’t want to route through, aligning traffic flows with security or business policies. It’s a simple, manual form of traffic engineering based on path length, and it’s not guaranteed: some networks ignore prepends, apply additional policies, or override decisions with other routing factors. It’s not about removing AS numbers, encrypting the AS_PATH, or setting a MED value, which are different mechanisms or attributes with separate purposes.

AS_PATH prepending is the act of adding extra occurrences of your own AS to the AS_PATH attribute in BGP announcements. This makes the advertised route appear longer to other networks, and since many routers prefer shorter AS_PATHs, the path with the additional repeats becomes less attractive for inbound traffic.

This technique is useful for security or policy reasons because you can steer inbound traffic away from certain paths or ASes and toward paths you trust or control more tightly. For example, you might prepend to push traffic to a preferred upstream or avoid passing through a source you don’t want to route through, aligning traffic flows with security or business policies. It’s a simple, manual form of traffic engineering based on path length, and it’s not guaranteed: some networks ignore prepends, apply additional policies, or override decisions with other routing factors.

It’s not about removing AS numbers, encrypting the AS_PATH, or setting a MED value, which are different mechanisms or attributes with separate purposes.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy