nanog mailing list archives

Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability)


From: "Lane Patterson" <lpatterson () equinix com>
Date: Thu, 22 Apr 2004 15:36:07 -0700


Although someone mentioned using non-routable /30 or /31's on private eBGP peers, there hasn't been much broad-ranging 
discussion of keeping internal infrastructure addresses non-routable.  I am thinking of a couple different things here:

1.  Backbone addresses:  ISPs that hide interface addresses and/or primary loopback addresses, and best practices for 
doing so?  (e.g. traceroutes don't break, but the router uses say Loopback1 address to respond to them, while iBGP uses 
Loopback0.  All Loopback0 address blocks can be filtered at borders.)

2.  Public IX addresses:  ISPs that do not redistribute the IX prefix into their iBGP or IGP and do not use external 
next-hops (except local to the connected border router), but instead use the loopback of the border router when 
propagating these routes within their iBGP mesh.  This should not break traceroutes "through" the exchange, but will 
break any traffic such as ping, spoofed packets, etc. to the exchange from a non-connected router.

Can anyone provide pro/con, better description of config templates for doing this, and/or discussion of major networks 
that choose to do this, or not do this?

Cheers,
-Lane
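
An IOS-style template for the two measures described above (iBGP sourced from Loopback0 with next-hop-self so the IX prefix stays out of the IGP, and an inbound border ACL that drops outside traffic aimed at the Loopback0 block), added here as an illustration and not taken from the post or from any real network's configuration. The Loopback0 block 192.0.2.0/24, the IX LAN 198.51.100.0/24, the Loopback1 range 203.0.113.0/24 and AS 64496/64497 are placeholder documentation values.

```cisco
! Loopback0: iBGP endpoint, drawn from the infrastructure block 192.0.2.0/24
! (placeholder). Loopback1 (placeholder 203.0.113.1) is the address the router
! is allowed to be reached on from outside.
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
interface Loopback1
 ip address 203.0.113.1 255.255.255.255
!
! IX-facing interface. The IX LAN (198.51.100.0/24, placeholder) is NOT covered
! by any IGP network statement and is not announced, so it is reachable only
! from this border router.
interface GigabitEthernet0/0
 description IX peering LAN
 ip address 198.51.100.10 255.255.255.0
 ip access-group INFRA-PROTECT in
!
router ospf 1
 ! Only backbone loopbacks are in the IGP; nothing covers 198.51.100.0/24,
 ! so the IX prefix never enters the IGP.
 network 192.0.2.0 0.0.0.255 area 0
 network 203.0.113.0 0.0.0.255 area 0
 passive-interface Loopback0
 passive-interface Loopback1
!
router bgp 64496
 ! eBGP session to an IX peer (AS 64497, placeholder) over the IX LAN.
 neighbor 198.51.100.20 remote-as 64497
 ! iBGP mesh sourced from Loopback0. next-hop-self rewrites the IX next-hop
 ! to this router's loopback, so core routers never need a route to the IX LAN.
 neighbor 192.0.2.2 remote-as 64496
 neighbor 192.0.2.2 update-source Loopback0
 neighbor 192.0.2.2 next-hop-self
!
! Inbound at the border: the configured eBGP peer may talk TCP 179 to this
! router's IX address; anything else aimed at the Loopback0 block is dropped
! before it can reach an iBGP endpoint. Transit traffic is unaffected.
ip access-list extended INFRA-PROTECT
 permit tcp host 198.51.100.20 host 198.51.100.10 eq bgp
 permit tcp host 198.51.100.20 eq bgp host 198.51.100.10
 deny   ip any 192.0.2.0 0.0.0.255
 permit ip any any
```

The same INFRA-PROTECT list belongs on every external interface, not just the IX port, or the Loopback0 block is only hidden from one direction.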

