Blackhole Routes

Robert E.Seastrom rs at seastrom.com
Sun Oct 3 14:19:33 UTC 2004



Ian Dickinson <ian.dickinson at pipex.net> writes:

> My point is that no-export or no-advertise doesn't play well with
> multiple ASNs under common admin control.

If this is your situation, perhaps already you have propagation
suppression communities that cause the Right Thing to happen at the
outer edge of your pile-o-ASes.  I've certainly done that when in a
similar situation.  Send that community along with the blackhole
community and you're done.  You're correct that the well-known
communities don't scale to multiple ASes.

> Don't simplify the protocol
> unnecessarily based on your specific assumptions on how others may or
> may not use a feature.

Trying to morph the protocol into something that is arbitrarily
complex and custom-tailored to your particular situation is no better
in terms of assumptions of how others may or may not use a feature.

Provide basic building blocks and let people build out of them what they may.

> Blackholing schemes need to be simple enough
> to employ in a hurry at 4am whilst still achieving the desired effect.

And Richard's suggestion is just that.

                                        ---Rob




More information about the NANOG mailing list