Fwd: Re: Digital Island sponsors DoS attempt?
Jeffrey Haas
jhaas at nexthop.com
Mon Oct 29 23:12:11 UTC 2001
On Mon, Oct 29, 2001 at 11:53:05AM -0800, Paul A Vixie wrote:
> ok, so how do you handle a situation like orbs/abovenet as in late 1999?
I don't have the AUP's in question so my speculation is going to be
tainted. I would probably have told them that I would continue announcing
their route (with the known hole) and prepended the heck out of it
to cause people to deprefer that prefix. Additionally, I might
have added a new community 6461:foo and registered that info in the IRR
saying that 6461:foo means that some customer is being abusive and
you're protecting the Internet from them.
The point, I guess, is you're AUP wasn't propagated. You can only
enforce the AUP with your direct customer.
> (c) block traffic
> to/from the /24 in question after carefully notifying the /16 owner that
> this would be done and why.
This causes the least problems to your direct customer. I can understand,
from a business perspective, how this was the preferred option.
However, it punished those who used your routes and wanted
<no-value-judgement>
to reach ORBS
</no-value-judgement>
and rewarded your customer for lax AUP.
> as we all know, (c) was chosen. great was the hue and even greater the cry.
> a recommendation was even made that if as6461 wasn't going to carry the whole
> /16 that it ought to chop it up and only advertise the parts it could reach,
> in spite of what these more-specifics would have done to the /16 owner's own
> routing policy (they were multihomed.)
>
> what would YOU have done? justify your answer. (show all work.)
I've noted my preferred solution (equivalent to the DON'T PREFER ME
community proposed some time ago). I also noted my opinions on
this a while back in the "How does one make not playing nice with
each other scale? (Was: net.terrorism)" thread.
I'm asking/suggesting: Is this just a business issue? Given the
way the routing system works today are we going to see a lot more
blackholes in the system? Does the routing protocol need to be adjusted
to deal with this business need or should the AUP deal with it?
--
Jeff Haas
NextHop Technologies
More information about the NANOG
mailing list