Blackholing traffic by ASN

Chris Adams cmadams at hiwaay.net
Thu Jan 31 14:07:55 UTC 2008


Once upon a time, Christopher Morrow <morrowc.lists at gmail.com> said:
> > Nowadays, most equipment can blackhole internally (to null0 say) at full
> > speed, so it isn't an issue. Just set your next hop to a good null0
> > style location on route import and you are done for traffic destined to
> > those locations.
> 
> ...do uRPF-loose-mode and you kill FROM these locations as well...

On Cisco, but not Juniper.

-- 
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.



More information about the NANOG mailing list