Re: bgp blackhole lists and transit providers

[Nathan Stratton <nathan () robotics net>]

On Tue, 9 Nov 1999, Mike Tancsa wrote:

> Lately, we have been running into this problem more and more.  One of our
> upstreams AT&T buys transit from Teleglobe. Teleglobe it seems subscribes
> to the maps.vix.com realtime blackhole list via BGP.  Now, I am all for
> limiting SPAM and such, but its starting to be an operational headache
> having to deal with customers asking our support staff why they cannot get
> to a certain web site.  The one that hit our support lines the most was
> 24.0.0.200 which was members.home.com.  It can be a challenge explaining
> the simplest of issues to end users, let alone upstream transit providers
> using bgp to blackhole a host.  The customer just wants to get to the
> granny's knitting guild!  At least with SMTP blocking, one end gets a
> message stating "their mail is unwelcome, see .... for details", where as
> when an intermediary is dropping all data, the end user just gets a vague
> error.
>
> My questions is, if you were buying transit from an upstream, and that
> upstream decided to partake in some sort of content filtering, how would
> you feel ? Do you think its right for transit providers to do so ? Its one
> thing if I choose to use this facility, but I feel a little helpless if two
> ASs away from me uses it... i.e. upstream says, "this way to 24.0.0.0/12",
> but then drops data going to 24.0.0.200/32.  I dont want to have to fill me
> router with a bunch of /32s so I can exit out UUnet to get around this.
>
> Yes, sure I want a proactive upstream to stop network abuse... particularly
> abuse issues, where I need their cooperation such as smurf attacks and
> such.  But on issues, where I have all the necessary tools and choice to
> deal with said issue (in this case SPAM), I would prefer it be left up to
> me on how I deal with foreign SPAM sites.

Well it is hard issue, shortly after I started NetRail I subscribed to the
BGP blackhole feed. Most of my dedicated customer were happy or did not
mind, I had one or two that did not like it. I offered them credit and
said they could find a new backbone provider.

SPAM is something I try as hard as I can to get rid of, without things
like the blackhole feed it takes off. Nets that are blocked by the feed
can be removed if they following the removal instructions (basically fix
their systems and get rid of the spam). If you have a customer that is not
happy that they can't reach a server on the @Home network, tell them the
issues and have them call @Home. 

P.S. @Home, when are you going to get some connectivity to UUNet? Having
my packets travel across the US to CIX is a pain in the butt. 

> <>
Nathan Stratton                         Tricetel Consulting
http://www.tricetel.net                 nathan () tricetel net
http://www.robotics.net                 nathan () robotics net

>       ---Mike 
> **********************************************************************
> Mike Tancsa, Network Admin        *  mike () sentex net
> Sentex Communications Corp,       *  http://www.sentex.net/mike
> Cambridge, Ontario                *  01.519.651.3400
> Canada                            *