nanog mailing list archives
Blackholing traffic by ASN
From: Justin Shore <justin () justinshore com>
Date: Wed, 30 Jan 2008 17:33:20 -0600
I'm sure all of us have parts of the Internet that we block for one reason or another. I have existing methods for null routing traffic from annoying hosts and subnets on our border routers today (I'm still working on a network blackhole). However I've never tackled the problem by targeting a bad guy's ASN. What's the best option for null routing traffic by ASN? I could always add another deny statement in my inbound eBGP route-maps to match a new as-path ACL for _BAD-ASN_ to keep from accepting their routes to begin with. Are there any other good tricks that I can employ?
I have another question along those same lines. Once I do have my blackhole up and running I can easily funnel hosts or subnets into the blackhole. What about funneling all routes to a particular ASN into the blackhole? Are there any useful tricks here?
The ASN I'm referring to is that of the Russian Business Network. A Google search should turn up plenty of info for those that haven't heard of them.
Thanks Justin
Current thread:
- Blackholing traffic by ASN Justin Shore (Jan 30)
- Re: Blackholing traffic by ASN Deepak Jain (Jan 30)
- Re: Blackholing traffic by ASN Christopher Morrow (Jan 30)
- Re: Blackholing traffic by ASN Chris Adams (Jan 31)
- Re: Blackholing traffic by ASN Christopher Morrow (Jan 30)
- Re: Blackholing traffic by ASN Justin M. Streiner (Jan 30)
- Re: Blackholing traffic by ASN Danny McPherson (Jan 30)
- Re: Blackholing traffic by ASN Justin Shore (Jan 31)
- <Possible follow-ups>
- Re: Blackholing traffic by ASN Paul Ferguson (Jan 30)
- Re: Blackholing traffic by ASN Paul Ferguson (Jan 30)
- Re: Blackholing traffic by ASN Deepak Jain (Jan 30)