nanog mailing list archives
Re: Advisory - tunneling of IP at exchange points.
From: Alex Bligh <amb () gxn net>
Date: Tue, 25 Nov 1997 18:18:05 +0000
Jeff,
As I said, this solution isn't for everyone. Some people do set a next-hop self somewhere within their network, I would bet the majority. If this is the case for you, you can at least prevent people you don't peer with from doing it. Blackhole the NAP LANs, and add valid statics for the people you peer with.
This is possible but has other disadvantages. For instance, say you are a non-peer of MCI, but reach MCI with an egress interface of your IXP router (onto a 3rd party router). Let's say they reach MCI through another IXP router (hardly unlikely). Then all traceroutes from your IXP router will "*" out as MCI will have blackholed the source address your traceroute has come from. Also it does not fix the problem if it is a peer abusing your network (but very few solutions do). What we tried to do was look at methods which only hit the "illegal" traffic and had as little colateral damage as possible. However the most important thing probably isn't the suggested solutions, just a heads up that it's out there, happening (or more accurately was happening in at least one case). Once people know this, I'm sure they'll all have their own imaginative and creative solutions to fix this in a manner which best suits their network. -- Alex Bligh GX Networks (formerly Xara Networks)
Current thread:
- Advisory - tunneling of IP at exchange points. Paul Thornton (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Neil J. McRae (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Lyndon Levesley (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Jeff Swinton (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Lyndon Levesley (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Jeff Swinton (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Alex Bligh (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Lyndon Levesley (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. bmanning (Nov 25)
- Re: Advisory - tunneling of IP at exchange points. Neil J. McRae (Nov 25)
- <Possible follow-ups>
- RE: Advisory - tunneling of IP at exchange points. Dave Van Allen (Nov 26)
- RE: Advisory - tunneling of IP at exchange points. Craig A. Huegen (Nov 26)
- RE: Advisory - tunneling of IP at exchange points. Dave Van Allen (Nov 26)