[74562] in North American Network Operators' Group
Re: Blackhole Routes
daemon@ATHENA.MIT.EDU (Robert E.Seastrom)
Sun Oct 3 10:20:09 2004
To: Ian Dickinson <ian.dickinson@pipex.net>
Cc: Richard A Steenbergen <ras@e-gerbil.net>, nanog@merit.edu
From: Robert E.Seastrom <rs@seastrom.com>
Date: Sun, 03 Oct 2004 10:19:33 -0400
In-Reply-To: <415FDB24.7090909@pipex.net> (Ian Dickinson's message of "Sun,
03 Oct 2004 11:57:40 +0100")
Errors-To: owner-nanog-outgoing@merit.edu
Ian Dickinson <ian.dickinson@pipex.net> writes:
> My point is that no-export or no-advertise doesn't play well with
> multiple ASNs under common admin control.
If this is your situation, perhaps already you have propagation
suppression communities that cause the Right Thing to happen at the
outer edge of your pile-o-ASes. I've certainly done that when in a
similar situation. Send that community along with the blackhole
community and you're done. You're correct that the well-known
communities don't scale to multiple ASes.
> Don't simplify the protocol
> unnecessarily based on your specific assumptions on how others may or
> may not use a feature.
Trying to morph the protocol into something that is arbitrarily
complex and custom-tailored to your particular situation is no better
in terms of assumptions of how others may or may not use a feature.
Provide basic building blocks and let people build out of them what they may.
> Blackholing schemes need to be simple enough
> to employ in a hurry at 4am whilst still achieving the desired effect.
And Richard's suggestion is just that.
---Rob
