North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: netscan.org update

  • From: dies
  • Date: Sun Sep 24 18:01:20 2000

For whatever reason Cisco's will TAKE null routes to classful broadcasts,
however, they will not propagate them.  You'll need a Juniper/GateD
Box/whatever to push out the routes...


And you would only want to null/discard the /32 of the actual ampilifier,
not the entire netblocks I would imagine.  If you null/discarded the
entire /24...well that would make some quite unhappy customers...The
object should be not to stop the smurf once it is ongoing, but to prevent
it from ever happening...


On another note, Troy if you need help with anything...Let me know I'd
like to get as many amp sites off the net as possible..


On Sun, 24 Sep 2000, James A. T. Rice wrote:

> 
> On Sun, 24 Sep 2000, Troy Davis wrote:
> 
> > links.  At last count, there are 66317 smurf-amplifying /24s; of course, 
> > they'd be aggregated where possible in the announcements.
> 
> Why aggregrate ? You could just announce the /32's of the actual broadcast
> addresses, and cause much less damage to other resources on that network.
> 
> Also if you do aggregrate, your blackhole route will probabally be less
> specific then the 'real' route, so the 'real' route and not the blackhole
> one is what would get used.
> 
> -James
> 
> 
>