nanog mailing list archives
Re: Blackhole Routes
From: Jeff Aitken <jaitken () aitken com>
Date: Thu, 30 Sep 2004 14:48:01 -0400
On Thu, Sep 30, 2004 at 02:15:49PM -0400, Deepak Jain wrote:
provider mistakenly advertises more routes than he should [lets say specifics in case #1] you can flood your upstreams' routers with specifics and potentially cause flapping or memory overflows... In case #2, presumably the blackhole community takes precedence, so if a customer is mistakenly readvertising their multihome provider's table with a 666 tag, all of the upstream providers might be blackholing the majority of their non-customer routes.
If a customer has a prefix filter, he cannot announce bogus routes. If every BGP session in your network is protected by a max-prefix limit, no matter who leaks, the damage will be limited and contained. If you apply both types of filter to all customers, the worst that can happen is that one of your larger customers can inject a few thousand of his own more-specifics into your network before he trips the max-prefix limit. Additionally, re: case #1 above, any customer-announced route with your blackhole community attached should be tagged with NO_EXPORT or your internal equivalent. --Jeff
Current thread:
- Re: Blackhole Routes, (continued)
- Re: Blackhole Routes Stephen J. Wilcox (Sep 30)
- Re: Blackhole Routes Michael . Dillon (Sep 30)
- Re: Blackhole Routes Robert A. Hayden (Sep 30)
- Re: Blackhole Routes Erik Haagsman (Sep 30)
- Re: Blackhole Routes Wayne E. Bouchard (Sep 30)
- Re: Blackhole Routes Deepak Jain (Sep 30)
- Re: Blackhole Routes Wayne E. Bouchard (Sep 30)
- Re: Blackhole Routes Richard A Steenbergen (Sep 30)
- Re: Blackhole Routes Mark Kasten (Sep 30)
- Re: Blackhole Routes Richard A Steenbergen (Sep 30)
- Re: Blackhole Routes Erik Haagsman (Sep 30)
- Re: Blackhole Routes Jeff Aitken (Sep 30)
- Re: Blackhole Routes Christopher L. Morrow (Sep 30)
- Re: Blackhole Routes Randy Bush (Sep 30)
- Re: Blackhole Routes Christopher L. Morrow (Sep 30)
- Re: Blackhole Routes Will Yardley (Sep 30)
- Re: Blackhole Routes Stephen J. Wilcox (Sep 30)
- Re: Blackhole Routes Richard A Steenbergen (Sep 30)
- Re: Blackhole Routes Stephen J. Wilcox (Sep 30)
- Re: Blackhole Routes Pete Templin (Sep 30)