Blackholing traffic by ASN
Chris Adams
cmadams at hiwaay.net
Thu Jan 31 14:07:55 UTC 2008
Once upon a time, Christopher Morrow <morrowc.lists at gmail.com> said:
> > Nowadays, most equipment can blackhole internally (to null0 say) at full
> > speed, so it isn't an issue. Just set your next hop to a good null0
> > style location on route import and you are done for traffic destined to
> > those locations.
>
> ...do uRPF-loose-mode and you kill FROM these locations as well...
On Cisco, but not Juniper.
--
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the NANOG
mailing list