North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMURF amplifier block list

  • From: Forrest W. Christian
  • Date: Sun Apr 12 21:53:49 1998

I just came to realize that there is one big problem with using BGP to
blackhole these SMURF-amplifier sites.

Put really simply, if you create a BGP blackhole all you do is prevent
your packets from getting to their network - not the converse.

While being listed on a blackhole list which affects connectivity might be
enough to encourage people to set no ip directed-broadcast or equivalent
on appropriate interfaces, I'd rather see a real filter set which I can
drop the packets at my internet-facing edges.  How to update the filter
set dynamically is another issue that I'd like to hear about.

Am I thinking correctly here or am I missing some convoluted BGP

- Forrest W. Christian ([email protected]) 
iMach, Ltd., P.O. Box 5749, Helena, MT 59604
Solutions for your high-tech problems.                  (406)-442-6648