[68180] in North American Network Operators' Group
RE: UUNet Offer New Protection Against DDoS
daemon@ATHENA.MIT.EDU (Lumenello, Jason)
Thu Mar 4 12:21:44 2004
Date: Thu, 4 Mar 2004 12:19:21 -0500
From: "Lumenello, Jason" <jlumenello@xo.com>
To: "Mark Kasten" <mark@cw.net>, <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------_=_NextPart_001_01C4020C.D5897DAE
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
This sounds like a good idea for us to consider. I think DoS attacks
typically get erased in the 95% discard a lot of people use in billing
though, but it still has value for the customer.
=20
=20
Thanks!
=20
Jason
=20
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Mark Kasten
Sent: Wednesday, March 03, 2004 5:35 PM
To: nanog@merit.edu
Subject: Re: UUNet Offer New Protection Against DDoS
=20
We actually accept up to the customers aggregate. So if they have a
/16, they can tag the whole /16. And we do not tag no-export. I saw
some time ago on a list, and I think Bill Manning suggested it, that if
you are getting bits for unused address space, to announce that address
space (up to host specific) with the DDoS community string. That keeps
the packets off of your link and thus you don't get charged for them.
The same can be done in reverse. We have a customer that is advertising
their larger block with the DDoS community string, and then advertising
the addresses they are actually using more specifically, so we blackhole
everything less specific. These are a couple of applications that can
be utilized if you don't tag no-export and accept more than just /32's
within their address space. FWIW.
Also, we are utilizing Juniper's DCU for tracebacks, which makes life
MUCH easier when tracing an attack. :-) SNMP polling the DCU counters
every few minutes is relatively fast and painless, and provides quick
results.
Mark
Lumenello, Jason wrote:
Oh, and I strip their communities, and apply no-export, on the first
term of my route map so the /32 does not get out. Of course my peer
facing policy requires specific communities to get out as well (belt and
suspenders).
=20
This method works very well, and you do not have to give up length
restrictions or maintain two sets of customer prefix/access lists.
=20
Jason
=20
=20
-----Original Message-----
From: Lumenello, Jason
Sent: Wednesday, March 03, 2004 4:52 PM
To: 'Stephen J. Wilcox'; james
Cc: nanog@merit.edu
Subject: RE: UUNet Offer New Protection Against DDoS
=20
I struggled with this, and came up with the following.
=20
We basically use a standard route-map for all customers where
the
=20
first
=20
term looks for the community. The customer also has a
prefix-list on
=20
their
=20
neighbor statement allowing their blocks le /32. The following
terms
=20
(term
=20
2 and above) in the route-map which do NOT look for the customer
=20
discard
=20
community, have a different standard/generic prefix-list
evaluation
=20
which
=20
blocks cruft and permits 0.0.0.0/0 ge 8 le 24.
=20
By doing this, I only accept a customer /32 from his dedicated
=20
prefix-list
=20
when it has the DOS discard community, otherwise I catch them
with the
=20
ge
=20
8 le 24 in the following terms.
=20
Jason Lumenello
IP Engineering
XO Communications
=20
=20
-----Original Message-----
From: owner-nanog@merit.edu
[mailto:owner-nanog@merit.edu] On Behalf
=20
Of
=20
Stephen J. Wilcox
Sent: Wednesday, March 03, 2004 3:48 PM
To: james
Cc: nanog@merit.edu
Subject: Re: UUNet Offer New Protection Against DDoS
=20
=20
=20
I'm puzzled by one aspect on the implementation.. how to
build your
customer
prefix filters.. that is, we have prefix-lists for
prefix and
=20
length.
=20
Therefore
at present we can only accept a tagged route for a whole
block.. not
=20
good
=20
if the
announcement is a /16 etc !
=20
Now, I could do as per the website at secsup.org which
means we have
=20
a
=20
route-map
entry to match the community before the filtering .. but
that would
=20
allow
=20
the
customer to null route any ip.
=20
What we need is one to allow them to announce any route
including
=20
more
=20
specifics of the prefix list - how are folks doing this?
=20
Steve
=20
On Wed, 3 Mar 2004, james wrote:
=20
=20
Global Crossing has this, already in production.
I was on the phone with Qwest yesterday & this
was one
of this things I asked about. Qwest indicated
they are
going to deploy this shortly. (i.e., send routes
tagged with
a community which they will set to null)
=20
=20
James Edwards
Routing and Security
jamesh@cybermesa.com
At the Santa Fe Office: Internet at Cyber Mesa
Store hours: 9-6 Monday through Friday
505-988-9200 SIP:1(747)669-1965
=20
=20
=20
=20
=20
------_=_NextPart_001_01C4020C.D5897DAE
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 10 (filtered)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";
color:black;}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:blue;
text-decoration:underline;}
pre
{margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
span.EmailStyle18
{font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body bgcolor=3Dwhite lang=3DEN-US link=3Dblue vlink=3Dblue>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>This sounds like a good idea for us =
to consider.
I think DoS attacks typically get erased in the 95% discard a lot of =
people use
in billing though, but it still has value for the =
customer.</span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>Thanks!</span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>Jason</span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<div style=3D'border:none;border-left:solid blue 1.5pt;padding:0in 0in =
0in 4.0pt'>
<p class=3DMsoNormal><font size=3D2 color=3Dblack face=3DTahoma><span =
style=3D'font-size:
10.0pt;font-family:Tahoma;color:windowtext'>-----Original =
Message-----<br>
<b><span style=3D'font-weight:bold'>From:</span></b> =
owner-nanog@merit.edu
[mailto:owner-nanog@merit.edu] <b><span style=3D'font-weight:bold'>On =
Behalf Of </span></b>Mark
Kasten<br>
<b><span style=3D'font-weight:bold'>Sent:</span></b> Wednesday, March =
03, 2004
5:35 PM<br>
<b><span style=3D'font-weight:bold'>To:</span></b> nanog@merit.edu<br>
<b><span style=3D'font-weight:bold'>Subject:</span></b> Re: UUNet Offer =
New
Protection Against DDoS</span></font></p>
<p class=3DMsoNormal><font size=3D3 color=3Dblack face=3D"Times New =
Roman"><span
style=3D'font-size:12.0pt'> </span></font></p>
<p class=3DMsoNormal><font size=3D3 color=3Dblack face=3D"Times New =
Roman"><span
style=3D'font-size:12.0pt'>We actually accept up to the customers
aggregate. So if they have a /16, they can tag the whole =
/16. And
we do not tag no-export. I saw some time ago on a list, and I =
think Bill
Manning suggested it, that if you are getting bits for unused address =
space, to
announce that address space (up to host specific) with the DDoS =
community
string. That keeps the packets off of your link and thus you don't =
get
charged for them. The same can be done in reverse. We have a
customer that is advertising their larger block with the DDoS community =
string,
and then advertising the addresses they are actually using more =
specifically,
so we blackhole everything less specific. These are a couple of
applications that can be utilized if you don't tag no-export and accept =
more
than just /32's within their address space. FWIW.<br>
<br>
<br>
Also, we are utilizing Juniper's DCU for tracebacks, which makes life =
MUCH
easier when tracing an attack. :-) SNMP polling the DCU =
counters
every few minutes is relatively fast and painless, and provides quick =
results.<br>
<br>
<br>
Mark<br>
<br>
<br>
Lumenello, Jason wrote:<br>
<br>
</span></font></p>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>Oh, and I strip their communities, and apply =
no-export, on the first</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>term of my route map so the /32 does not get =
out. Of course my peer</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>facing policy requires specific communities =
to get out as well (belt and</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>suspenders).</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>This method works very well, and you do not =
have to give up length</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>restrictions or maintain two sets of customer =
prefix/access lists.</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Jason</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>-----Original =
Message-----</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>From: Lumenello, =
Jason</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Sent: Wednesday, March 03, 2004 4:52 =
PM</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>To: 'Stephen J. Wilcox'; =
james</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Cc: <a
href=3D"mailto:nanog@merit.edu">nanog@merit.edu</a></span></font></pre><p=
re><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Subject: RE: UUNet Offer New Protection =
Against DDoS</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>I struggled with this, and came up with the =
following.</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>We basically use a standard route-map for all =
customers where the</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>first</span></font></pre><pre><font size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>term looks for the community. The customer =
also has a prefix-list on</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>their</span></font></pre><pre><font size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>neighbor statement allowing their blocks le =
/32. The following terms</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>(term</span></font></pre><pre><font size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>2 and above) in the route-map which do NOT =
look for the customer</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>discard</span></font></pre><pre><font =
size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>community, have a different standard/generic =
prefix-list evaluation</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>which</span></font></pre><pre><font size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>blocks cruft and permits 0.0.0.0/0 ge 8 le =
24.</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>By doing this, I only accept a customer /32 =
from his dedicated</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>prefix-list</span></font></pre><pre><font =
size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>when it has the DOS discard community, =
otherwise I catch them with the</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>ge</span></font></pre><pre><font size=3D2 =
color=3Dblack
face=3D"Courier New"><span style=3D'font-size:10.0pt'> =
</span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>8 le 24 in the following =
terms.</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Jason Lumenello</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>IP Engineering</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>XO =
Communications</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>-----Original =
Message-----</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>From: <a
href=3D"mailto:owner-nanog@merit.edu">owner-nanog@merit.edu</a> [<a
href=3D"mailto:owner-nanog@merit.edu">mailto:owner-nanog@merit.edu</a>] =
On Behalf</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
</blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>Of</span></font></pre><pre><font size=3D2 =
color=3Dblack
face=3D"Courier New"><span style=3D'font-size:10.0pt'> =
</span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' type=3Dcite>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Stephen J. =
Wilcox</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Sent: Wednesday, March 03, 2004 3:48 =
PM</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>To: james</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Cc: <a
href=3D"mailto:nanog@merit.edu">nanog@merit.edu</a></span></font></pre><p=
re><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Subject: Re: UUNet Offer New Protection =
Against DDoS</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>I'm puzzled by one aspect on the =
implementation.. how to build your</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>customer</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>prefix filters.. that is, we have =
prefix-lists for prefix and</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
</blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>length.</span></font></pre><pre><font =
size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' type=3Dcite>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Therefore</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>at present we can only accept a tagged route =
for a whole block.. not</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>good</span></font></pre><pre><font size=3D2 =
color=3Dblack
face=3D"Courier New"><span style=3D'font-size:10.0pt'> =
</span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>if the</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>announcement is a /16 etc =
!</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Now, I could do as per the website at =
secsup.org which means we have</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
</blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>a</span></font></pre><pre><font size=3D2 =
color=3Dblack
face=3D"Courier New"><span style=3D'font-size:10.0pt'> =
</span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' type=3Dcite>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>route-map</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>entry to match the community before the =
filtering .. but that would</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>allow</span></font></pre><pre><font size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>the</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>customer to null route any =
ip.</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>What we need is one to allow them to announce =
any route including</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
</blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'>more</span></font></pre><pre><font size=3D2 =
color=3Dblack
face=3D"Courier New"><span style=3D'font-size:10.0pt'> =
</span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' type=3Dcite>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>specifics of the prefix list - how are folks =
doing this?</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Steve</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>On Wed, 3 Mar 2004, james =
wrote:</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre>
<blockquote style=3D'margin-top:5.0pt;margin-bottom:5.0pt' =
type=3Dcite><pre wrap=3D""><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Global Crossing has this, already in =
production.</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>I was on the phone with Qwest yesterday & =
this was one</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>of this things I asked about. Qwest indicated =
they are</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>going to deploy this shortly. (i.e., send =
routes tagged with</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>a community which they will set to =
null)</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>James Edwards</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Routing and =
Security</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'><a
href=3D"mailto:jamesh@cybermesa.com">jamesh@cybermesa.com</a></span></fon=
t></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>At the Santa Fe Office: Internet at Cyber =
Mesa</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>Store hours: 9-6 Monday through =
Friday</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'>505-988-9200 =
SIP:1(747)669-1965</span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre><pre><font
size=3D2 color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> =
</span></font></pre></blockquote>
</blockquote>
</blockquote>
<pre wrap=3D""><font size=3D2 color=3Dblack face=3D"Courier New"><span
style=3D'font-size:10.0pt'> </span></font></pre><pre><font size=3D2
color=3Dblack face=3D"Courier New"><span =
style=3D'font-size:10.0pt'> </span></font></pre></div>
</div>
</body>
</html>
=00
------_=_NextPart_001_01C4020C.D5897DAE--
