Blackhole Routes

Christopher L. Morrow christopher.morrow at mci.com
Thu Sep 30 20:18:54 UTC 2004


On Thu, 30 Sep 2004, Jeff Aitken wrote:

>
> On Thu, Sep 30, 2004 at 02:15:49PM -0400, Deepak Jain wrote:
> > provider mistakenly advertises more routes than he should [lets say
> > specifics in case #1] you can flood your upstreams' routers with
> > specifics and potentially cause flapping or memory overflows...
> >
> > In case #2, presumably the blackhole community takes precedence, so if a
> > customer is mistakenly readvertising their multihome provider's table
> > with a 666 tag, all of the upstream providers might be blackholing the
> > majority of their non-customer routes.
>
> If a customer has a prefix filter, he cannot announce bogus routes.
>

true, but not universal, sadly.

> If every BGP session in your network is protected by a max-prefix
> limit, no matter who leaks, the damage will be limited and contained.
>

true, also not univeral, sadly. Many networks out there do NOT use any of
these protections...



More information about the NANOG mailing list