Unwanted Traffic Removal Service (UTRS)

John Kristoff jtk at cymru.com
Wed Oct 8 14:52:07 UTC 2014


On Wed, 8 Oct 2014 16:42:38 +0200
Job Snijders <job at instituut.net> wrote:

> Just like chicory, personally I don't like it. Yes, Cymru has built a
> reputation as clearing house for redistribution of security related
> information. But... (aside from any local safety net filter), it's
> quite a leap to allow a single entity to inject blackholes for any
> prefix.

Hi Job,

Thanks for your comments.  I'm aware of some other projects, including
another one, much more elaborate, talked about in another session at
NANOG this week.  Do note, UTRS does not allow a single entity to inject
black holes for any prefix, only a limited number of /32's for their own
prefixes.  The presentation and the information page I linked to have
some additional details.

> IXPs could offer BGP or API triggered ACLs which are inserted into the
> peering fabric and only affect the participant's peering port(s). This
> way, any blackholing (either correctly applied or malicious) only
> affects the initiator of that blackhole and nobody else. Advantages are
> that aclserver does not require peers to cooperate with each other and
> no validation is required.

I've heard of some IXPs recently offering this service, sounds great.
It has also been suggested we might talk to ISPs about how to RTBH to
their customers and see if there was a way for those routes to be passed
further along, perhaps to something like UTRS for further
dissemination.  I'm not sure that would work, but it was an interesting
idea too.

Thanks for your comments,

John
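
The constraint described in the reply above (a limited number of /32s, only inside the announcer's own prefixes), sketched as an acceptance check a route server could apply to incoming blackhole announcements. This is an added example, not part of the original post and not UTRS code; the per-peer limit, the peer-to-prefix table and the function names are assumptions.

```python
import ipaddress

# Assumption: the post only says "a limited number"; 5 is a placeholder value.
MAX_BLACKHOLES_PER_PEER = 5

# Constructed sample data (documentation ranges, private-use ASNs).
# How a peer's "own prefixes" are established is not described in the post.
PEER_PREFIXES = {
    64500: ["192.0.2.0/24", "198.51.100.0/25"],
    64501: ["203.0.113.0/24"],
}


def validate_blackhole(peer_asn, route, active, peer_prefixes=PEER_PREFIXES,
                       limit=MAX_BLACKHOLES_PER_PEER):
    """Return (accepted, reason) for a blackhole route announced by peer_asn.

    active is the set of ip_network objects already accepted from this peer.
    """
    try:
        net = ipaddress.ip_network(route, strict=True)
    except ValueError:
        return False, "malformed route"
    if net.version != 4 or net.prefixlen != 32:
        return False, "only IPv4 /32 host routes are accepted"
    owned = [ipaddress.ip_network(p) for p in peer_prefixes.get(peer_asn, [])]
    if not any(p.version == 4 and net.subnet_of(p) for p in owned):
        return False, "target is not inside the announcing peer's own prefixes"
    if net in active:
        return True, "already active"
    if len(active) >= limit:
        return False, "per-peer blackhole limit reached"
    return True, "accepted"


def process(peer_asn, routes, **kw):
    """Apply validate_blackhole to a sequence of announcements from one peer."""
    active, results = set(), []
    for r in routes:
        ok, reason = validate_blackhole(peer_asn, r, active, **kw)
        if ok:
            active.add(ipaddress.ip_network(r))
        results.append((r, ok, reason))
    return results
```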


