Tier1 blackholing policy?

• Previous message (by thread): Tier1 blackholing policy?
• Next message (by thread): Andros Island Connectivity?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 30, 2013 at 10:31 AM, Thomas Schmid <schmid at dfn.de> wrote:
> We received recently customer complaints stating they can't reach certain
> websites.
> Investigation showed that the sites were not reachable via Tier1-T, but fine
> via
> Tier1-L. I contacted Tier1-T and the answer was something like "yeah, this
> is a known phishing
> site and to protect our customers we blackhole that IP" (btw - it was 2 ASes
> away from Tier1-T).

Hi Thomas,

On the one hand, companies providing Internet transit are not
generally compelled by law to pass packets for any other given company
on the Internet.

On the other hand, announcing via BGP that you will carry particular
packets and then intentionally dropping them on the floor could easily
be construed as tortious interference.

The middle ground... propagating a BGP announcement but blocking a
small piece within it... I think I'd want to cover my backside by
setting a BGP community on that route which advised my peers that a
portion of it is dead-routed within my network so that they may
discard or deprioritize it if they choose.

Regards,
Bill Herrin

-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

• Previous message (by thread): Tier1 blackholing policy?
• Next message (by thread): Andros Island Connectivity?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]