[102186] in North American Network Operators' Group
Re: Blackholing traffic by ASN
daemon@ATHENA.MIT.EDU (Chris Adams)
Thu Jan 31 09:09:11 2008
Date: Thu, 31 Jan 2008 08:07:55 -0600
From: Chris Adams <cmadams@hiwaay.net>
To: nanog@merit.edu
Mail-Followup-To: Chris Adams <cmadams@hiwaay.net>, nanog@merit.edu
In-Reply-To: <75cb24520801302121k48b7a9edq8bca4bc9b64c9369@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
Once upon a time, Christopher Morrow <morrowc.lists@gmail.com> said:
> > Nowadays, most equipment can blackhole internally (to null0 say) at full
> > speed, so it isn't an issue. Just set your next hop to a good null0
> > style location on route import and you are done for traffic destined to
> > those locations.
>
> ...do uRPF-loose-mode and you kill FROM these locations as well...
On Cisco, but not Juniper.
--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
