nanog mailing list archives
Re: Unwanted Traffic Removal Service (UTRS)
From: John Kristoff <jtk () cymru com>
Date: Wed, 8 Oct 2014 09:52:07 -0500
On Wed, 8 Oct 2014 16:42:38 +0200 Job Snijders <job () instituut net> wrote:
Just like chicory, personally I don't like it. Yes, Cymru has build a reputation as clearing house for redistribution of security related information. But... (aside from any local safety net filter), it's quite a leap to allow a single entity to inject blackholes for any prefix.
Hi Job, Thanks for your comments. I'm aware of some other projects, including another one, much more elaborate, talked about in another session at NANOG this week. Do note, UTRS does not allow a single entity to inject black holes for any prefix, only a limited number of /32's for their own prefixes. The presentation and the information page I linked to have some additional details.
IXPs could offer BGP or API triggered ACLs which are inserted into the peering fabric and only affect the participant's peering port(s). This way, any blackholing (either correctly applied or malicious) only affects the initator of that blackhole and nobody else. Advantages are that aclserver does not require peers to cooperate with each other and no validation is required.
I've heard of some IXPs recently offering this service, sounds great. It has also been suggested we might talk to ISPs how to RTBH to their customers and see if there was a way for those routes to be passed further along, perhaps to something like UTRS for further dissemination. I'm not sure that would work, but it was an interesting idea too. Thanks for your comments, John
Current thread:
- Unwanted Traffic Removal Service (UTRS) John Kristoff (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) Job Snijders (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) John Kristoff (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) William Herrin (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) John Levine (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) Job Snijders (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) Alexandre Snarskii (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) Christian Seitz (Oct 09)
- Re: Unwanted Traffic Removal Service (UTRS) Job Snijders (Oct 09)
- Re: Unwanted Traffic Removal Service (UTRS) John Kristoff (Oct 09)
- RE: Unwanted Traffic Removal Service (UTRS) Naslund, Steve (Oct 09)
- Re: Unwanted Traffic Removal Service (UTRS) Hank Nussbacher (Oct 09)
- Re: Unwanted Traffic Removal Service (UTRS) Job Snijders (Oct 08)
- Re: Unwanted Traffic Removal Service (UTRS) William Herrin (Oct 08)