Skip to content

PATTERN Cited by 1 source

AS-path prepending for traffic engineering

AS-path prepending for traffic engineering is the operator pattern of deliberately padding one's own ASN into the outbound AS path multiple times on specific sessions, to bias best-path selection away from that session without fully withdrawing the route.

Mechanism

Because receivers prefer shorter AS paths in the BGP best-path tiebreaker ladder (after local-preference, which is higher precedence), advertising X, X, X, X, Y on one session and X, Y on another will push most traffic toward the second session. The receiver's BGP loop-prevention check still only checks presence of the receiver's ASN in the path, so the multiple X repetitions are purely a preference signal — no real loop is introduced.

When to use it

  • Backup links: prepend on the backup so traffic only shifts to it when the primary withdraws.
  • Outage shaping: quickly push traffic off a circuit that's congested or underperforming, without the hard drop of withdrawal.
  • Multi-homed cost management: prefer cheaper transit by making the expensive provider's learned routes less attractive to peers.

Forensic side-effect: heavy prepending on leaked routes

signals accident, not attack

See concepts/as-path-prepending for the detailed forensic read. The short form: attackers want more traffic on leaked paths (shorter paths, no prepending); accidental leakers want less traffic (heavy prepending is what they configure or leave as default on the leg they didn't intend as primary). In the Cloudflare Venezuela post, nine prepends of 8048 on leaked paths is the single most direct piece of evidence against MITM intent.

Cloudflare's stated caveat

Cloudflare has argued in Prepends considered harmful that prepending is overused relative to more precise tools (BGP communities, local- preference). Heavy prepending is legitimate when precise tools are unavailable, but it should not be the default traffic-engineering lever.

Seen in

Last updated · 200 distilled / 1,178 read