[175030] in North American Network Operators' Group
Re: Unwanted Traffic Removal Service (UTRS)
daemon@ATHENA.MIT.EDU (Alexandre Snarskii)
Wed Oct 8 12:44:35 2014
Date: Wed, 8 Oct 2014 20:44:19 +0400
From: Alexandre Snarskii <snar@snar.spb.ru>
To: Job Snijders <job@instituut.net>
In-Reply-To: <20141008144238.GE10316@Vurt.local>
Cc: nanog@nanog.org
On Wed, Oct 08, 2014 at 04:42:38PM +0200, Job Snijders wrote:
>
> There are various flavors at the moment in terms of validation (please
> correct me if I am wrong): The Polish blackholing project only allows
> blackholes which fall within the set of prefixes which an ASN
> originates, the DE-CIX BS service accepts anything that is a subset of
> your AS-SET.

There is also a "dynamic validation" approach: a blackhole route is considered
valid for injection if and only if there is a covering less-specific route
with the best-path pointing to the same exit point as the blackhole route.
(The definition of "exit point" can vary from "next ASn is the same
we received the blackhole from" to "both as-path and next-hops must be the
same and the aggregate route must be marked as a customer's one").

This approach has its downside too: it requires you to run a task-specific
BGP speaker. Worse yet, usually you have to write that speaker :)

--
In theory, there is no difference between theory and practice.
But, in practice, there is.
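
The "dynamic validation" check described in the message above, sketched as an added example that is not part of the original post or of any project's code. The `Route` record, the `customer` flag and the function names are hypothetical, the routes are constructed sample data, and picking the most specific covering route (rather than any covering route) is an assumption of this example.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:                      # hypothetical record for one best path
    prefix: str
    as_path: tuple                # leftmost ASN is the neighbor it came from
    next_hop: str
    customer: bool = False        # assumed tag set by import policy

def covering_best_path(rib, prefix):
    """Most specific best path that is strictly less specific than prefix."""
    target = ipaddress.ip_network(prefix)
    best = None
    for route in rib:
        net = ipaddress.ip_network(route.prefix)
        if (net.version == target.version
                and net.prefixlen < target.prefixlen
                and target.subnet_of(net)
                and (best is None or net.prefixlen > best[0].prefixlen)):
            best = (net, route)
    return best[1] if best else None

def validate_blackhole(rib, bh, strict=False):
    """Accept bh only if its covering best path uses the same exit point."""
    cover = covering_best_path(rib, bh.prefix)
    if cover is None or not cover.as_path or not bh.as_path:
        return False              # no covering route: nothing to validate against
    if not strict:                # loose: same next ASN as the blackhole sender
        return cover.as_path[0] == bh.as_path[0]
    return (cover.customer        # strict: customer aggregate, same path and next hop
            and cover.as_path == bh.as_path
            and cover.next_hop == bh.next_hop)

# Constructed sample RIB (documentation prefixes and ASNs).
RIB = [
    Route("198.51.100.0/24", (64500,), "10.0.0.1", customer=True),
    Route("198.51.100.128/25", (64502,), "10.0.0.3", customer=True),
    Route("203.0.113.0/24", (64501, 64510), "10.0.0.2"),
]

if __name__ == "__main__":
    for bh in (Route("198.51.100.7/32", (64500,), "10.0.0.1"),
               Route("198.51.100.200/32", (64500,), "10.0.0.1"),
               Route("203.0.113.9/32", (64501, 64510), "10.0.0.2")):
        print(bh.prefix, validate_blackhole(RIB, bh), validate_blackhole(RIB, bh, strict=True))
```

The second sample is rejected because the /25 learned from a different neighbor is the covering best path for that address, even though the sender originates the enclosing /24.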