> wee! and for some extra fun, just append the bad-guy's ASN to your
> route announcements, force bgp loop-detection to kill the traffic on
> their end (presuming they don't default-route as well)
Even more fun if you are not the only one filtering that ASN. :)
Andras
Justin Shore wrote:
The ASN I'm referring to is that of the Russian Business Network. A
Google search should turn up plenty of info for those that haven't heard
of them.
Thanks for the replies. They were along the lines of what I was
expecting (as-path ACL filtering & route-maps). I was w
Once upon a time, Christopher Morrow <[EMAIL PROTECTED]> said:
> > Nowadays, most equipment can blackhole internally (to null0 say) at full
> > speed, so it isn't an issue. Just set your next hop to a good null0
> > style location on route import and you are done for traffic destined to
> > those
On Jan 30, 2008 3:54 PM, Deepak Jain <[EMAIL PROTECTED]> wrote:
>
>
> This is prior art. (Assuming your hardware has a hardware blackhole (or
> you have a little router sitting on the end of a circuit)) you adjust
> your route-map that would deny the entry to set a community or next-hop
> pointing
On Jan 30, 2008, at 4:33 PM, Justin Shore wrote:
I'm sure all of us have parts of the Internet that we block for one
reason or another. I have existing methods for null routing
traffic from annoying hosts and subnets on our border routers today
(I'm still working on a network blackhole
On Wed, 30 Jan 2008, Justin Shore wrote:
I'm sure all of us have parts of the Internet that we block for one reason or
another. I have existing methods for null routing traffic from annoying
hosts and subnets on our border routers today (I'm still working on a network
blackhole). However I'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Paul Ferguson" <[EMAIL PROTECTED]> wrote:
>-- Justin Shore <[EMAIL PROTECTED]> wrote:
>
>>The ASN I'm referring to is that of the Russian Business Network. A
Google search should turn up plenty of info for those that haven't heard
of them.
>
This is prior art. (Assuming your hardware has a hardware blackhole (or
you have a little router sitting on the end of a circuit)) you adjust
your route-map that would deny the entry to set a community or next-hop
pointing to your blackhole location.
Nowadays, most equipment can blackhole i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Justin Shore <[EMAIL PROTECTED]> wrote:
>The ASN I'm referring to is that of the Russian Business Network. A
Google search should turn up plenty of info for those that haven't heard
of them.
>
Not possible anymore, sorry -- they have now div
I'm sure all of us have parts of the Internet that we block for one
reason or another. I have existing methods for null routing traffic
from annoying hosts and subnets on our border routers today (I'm still
working on a network blackhole). However I've never tackled the problem
by targeting
10 matches
Mail list logo
