[16117] in North American Network Operators' Group
Re: SMURF amplifier block list
daemon@ATHENA.MIT.EDU (Forrest W. Christian)
Sun Apr 12 21:26:40 1998
Date: Sun, 12 Apr 1998 19:11:14 -0600 (MDT)
From: "Forrest W. Christian" <forrestc@iMach.com>
To: Karl Denninger <karl@mcs.net>
cc: Michael Dillon <michael@memra.com>, nanog@merit.edu
In-Reply-To: <19980412135700.59948@mcs.net>
I just came to realize that there is one big problem with using BGP to
blackhole these SMURF-amplifier sites.
Put really simply, if you create a BGP blackhole all you do is prevent
your packets from getting to their network - not the converse.
While being listed on a blackhole list which affects connectivity might be
enough to encourage people to set no ip directed-broadcast or equivalent
on appropriate interfaces, I'd rather see a real filter set which I can
drop the packets at my internet-facing edges. How to update the filter
set dynamically is another issue that I'd like to hear about.
Am I thinking correctly here or am I missing some convoluted BGP
configuration?
- Forrest W. Christian (forrestc@imach.com)
----------------------------------------------------------------------
iMach, Ltd., P.O. Box 5749, Helena, MT 59604 http://www.imach.com
Solutions for your high-tech problems. (406)-442-6648
----------------------------------------------------------------------