[182521] in North American Network Operators' Group
Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last
daemon@ATHENA.MIT.EDU (ML)
Mon Jul 20 15:40:06 2015
X-Original-To: nanog@nanog.org
To: nanog@nanog.org
From: ML <ml@kenweb.org>
Date: Mon, 20 Jul 2015 15:40:09 -0400
In-Reply-To: <13446.1437418638@turing-police.cc.vt.edu>
Errors-To: nanog-bounces@nanog.org
On 7/20/2015 2:57 PM, Valdis.Kletnieks@vt.edu wrote:
> On Mon, 20 Jul 2015 19:42:39 +0100, Colin Johnston said:
>> see below for china ranges I believe, ipv4 and ipv6
> You may believe... but are you *sure*? (Over the years, we've seen
> *lots* of "block China" lists that accidentally block chunks allocated
> to Taiwan or Australia or other Pacific Rim destinations).
>
If you really wanted to go the route of blocking all/almost all China.
Isn't there a short list of ASNs that provide transit to China
citizens/networks?
I'm referring to AS4134, AS4837, etc
Wouldn't blackholing any prefix with those ASNs in the AS path
accomplish the goal and stay up to date with a new prefixes originated
from China?
