Re: RTBH no_export

[Alejandro Acosta <alejandroacostaalamo () gmail com>]

One more thing, RFC7999 has category Informational

El 31/1/19 a las 16:21, Theodore Baschak escribió:
> > On Jan 31, 2019, at 1:28 PM, Roel Parijs <roel.parijs () gmail com
> > <mailto:roel.parijs () gmail com>> wrote:
> >
> > For our BGP customers the problem is more complex. Our BGP customers
> > can send us the RTBH community, and we will drop the traffic at our
> > borders. Since we're only running a small network, we don't have the
> > capacity to deal with large attacks. If we would be able to forward
> > (and maybe alter it) this RTBH community towards our upstream
> > providers, the impact on our network would be limited. However, the
> > RFC states that an announcement tagged with the blackhole community
> > should get the no_advertise or no_export community.
> >
> > What is your opinion on this ?
>
> In RFC7999 section 3.2 the first paragraph talks about what you're
> mentioning, NO_EXPORT and/or NO_ADVERTISE. It uses the word SHOULD.
> SHOULD has special meaning in RFCs, its not MUST. Its also not MAY.
> RFC2119 talks about the way these words should be interpreted. 
>
> In the next paragraph it says that extreme caution should be used when
> "purposefully propagating IP prefixes tagged with the BLACKHOLE
> community outside the local routing domain, unless policy explicitly
> aims at doing just that."
>
> So if your local routing policy is to propagate those blackholes on to
> your upstreams (and its mutually agreed and they're configured to
> accept them), then it can be done. Nothing technical in the RFC
> stopping that. 
>
> Theo