nanog mailing list archives
Kill Verisign Routes :: A Dynamic BGP solution
From: "Eric Germann" <ekgermann () cctec com>
Date: Thu, 18 Sep 2003 18:08:47 -0400
I wanted to discuss the merits of the following: I have written a proof of concept solution to nuke a route to sitefinder. Code to those who care or to the list if anyone cares. Perl is your friend :) Basic concept: Use Net::BGP to set up a peering session with my route server. Query DNS for *.com and *.net on x interval. Then take the answers (if they are valid A records) and inject them into the route server (which in our case is used solely to feed a blackhole network to sink traffic from APNIC space, etc). If an address no longer appears in the DNS (i.e. the idiots switched hosts), withdraw the route. If they set up multiple hosts, it will catch each one of them. You can set the polling interval as you please. Thoughts? Eric ========================================================================== Eric Germann CCTec ekgermann () cctec com Van Wert OH 45891 http://www.cctec.com Ph: 419 968 2640 Fax: 603 825 5893 "The fact that there are actually ways of knowing and characterizing the extent of one’s ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky" -- Jon Giorgini of NASA’s Jet Propulsion Laboratory
Current thread:
- Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution David Schwartz (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution David Schwartz (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- Re: Kill Verisign Routes :: A Dynamic BGP solution Stephen J. Wilcox (Sep 18)
- Re: Kill Verisign Routes :: A Dynamic BGP solution Damian Gerow (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- <Possible follow-ups>
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 19)
- RE: Kill Verisign Routes :: A Dynamic BGP solution David Schwartz (Sep 18)