[74520] in North American Network Operators' Group

Re: Blackhole Routes

daemon@ATHENA.MIT.EDU (Deepak Jain)
Thu Sep 30 14:19:00 2004

Date: Thu, 30 Sep 2004 14:15:49 -0400
From: Deepak Jain <deepak@ai.net>
To: "Wayne E. Bouchard" <web@typo.org>
Cc: Erik Haagsman <erik@we-dare.net>,
	"Robert A. Hayden" <rhayden@geek.net>,
	Abhishek Verma <abhishekv.verma@gmail.com>, nanog@merit.edu
In-Reply-To: <20040930170842.GA73940@typo.org>
Errors-To: owner-nanog-outgoing@merit.edu


> It goes a little further than that these days. Folks are openly
> allowing customers to advertise routes with something like a 666
> community which will then be blackholed within their network. So if
> you're a service provider with your own blackhole system, you can
> easily tie it into your upstream's system and dump the traffic many
> hops away from you meaning that the traffic is getting dumped closer
> to the source than the destination in a fair number of cases.
> 

This is very dangerous however.....

If providers start tying their customer's blackhole announcements to the 
provider's upstreams' blackhole announcements in an AUTOMATIC process, 
bad things <tm> are likely to happen. What happens when a customer of a 
provider mistakenly advertises more routes than he should [let's say 
specifics in case #1] you can flood your upstreams' routers with 
specifics and potentially cause flapping or memory overflows...

In case #2, presumably the blackhole community takes precedence, so if a 
customer is mistakenly readvertising their multihome provider's table 
with a 666 tag, all of the upstream providers might be blackholing the 
majority of their non-customer routes.

Non-automatic tying of customer blackholes to upstream or peer 
blackholes is a powerful tool to improve the stability of the net as a 
whole.

Deepak Jain
AiNET
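
An added example, not part of the original message: a pre-propagation check that sorts a customer's 666-tagged announcements into candidates for an operator to approve by hand and routes to hold back, covering the two failure cases described above. The function name, the per-customer cap, the host-route-only rule and the sample prefixes are assumptions made for illustration.

```python
import ipaddress

BLACKHOLE_COMMUNITY = 666   # value half of the community, as named in the thread
MAX_BLACKHOLES = 5          # assumed per-customer cap (guards case #1)

def review_blackholes(customer_nets, announcements):
    """Split a customer's 666-tagged routes into (candidates, held).

    customer_nets: prefixes registered to the customer (strings).
    announcements: iterable of (prefix, community_value) as received.
    Nothing is sent upstream here; candidates still await operator approval.
    """
    owned = [ipaddress.ip_network(n) for n in customer_nets]
    candidates, held = [], []
    for prefix, community in announcements:
        if community != BLACKHOLE_COMMUNITY:
            continue  # ordinary route, not a blackhole request
        net = ipaddress.ip_network(prefix, strict=False)
        inside = any(net.version == o.version and net.subnet_of(o) for o in owned)
        if not inside:
            # case #2: re-advertised routes that are not the customer's own
            held.append((prefix, "not customer address space"))
        elif net.prefixlen < net.max_prefixlen:
            # assumed policy: only single hosts may be blackholed
            held.append((prefix, "not a host route"))
        else:
            candidates.append(prefix)
    if len(candidates) > MAX_BLACKHOLES:
        # case #1: a burst of specifics; hold the whole batch for a human
        held += [(p, "exceeds per-customer cap") for p in candidates]
        candidates = []
    return candidates, held

# Constructed sample input (documentation prefixes, not real announcements).
SAMPLE = [
    ("192.0.2.10/32", 666),    # legitimate host blackhole
    ("198.51.100.0/24", 666),  # someone else's space tagged 666
    ("192.0.2.0/24", 666),     # own space, but the whole block
    ("192.0.2.20/32", 100),    # untagged, ignored
]

if __name__ == "__main__":
    ok, held = review_blackholes(["192.0.2.0/24"], SAMPLE)
    print("for operator approval:", ok)
    for prefix, reason in held:
        print("held:", prefix, "-", reason)
```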