Blackholing traffic by ASN
Justin Shore
justin at justinshore.com
Wed Jan 30 23:33:20 UTC 2008
I'm sure all of us have parts of the Internet that we block for one
reason or another. I have existing methods for null routing traffic
from annoying hosts and subnets on our border routers today (I'm still
working on a network blackhole). However I've never tackled the problem
by targeting a bad guy's ASN. What's the best option for null routing
traffic by ASN? I could always add another deny statement in my inbound
eBGP route-maps to match a new as-path ACL for _BAD-ASN_ to keep from
accepting their routes to begin with. Are there any other good tricks
that I can employ?
I have another question along those same lines. Once I do have my
blackhole up and running I can easily funnel hosts or subnets into the
blackhole. What about funneling all routes to a particular ASN into the
blackhole? Are there any useful tricks here?
The ASN I'm referring to is that of the Russian Business Network. A
Google search should turn up plenty of info for those that haven't heard
of them.
Thanks
Justin
More information about the NANOG
mailing list