North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: engineering --> ddos and flooding

  • From: Geoff Zinderdine
  • Date: Fri Jun 01 15:41:54 2001

Agreed.  Still you could just throw up a box at the end of that low speed
line and have your main peering session set it as NEXT_HOP for the host
route without needing it to be running a BGP session itself, no?

----- Original Message -----
From: "Mark Mentovai" <[email protected]>
To: "Geoff Zinderdine" <[email protected]>
Cc: <[email protected]>; <[email protected]>
Sent: Friday, June 01, 2001 2:07 PM
Subject: Re: engineering --> ddos and flooding


> Geoff Zinderdine wrote:
> >Why not just advertise the host route with an unreachable next hop from
your
> >main peering session?
>
> Maybe your upstream sets the NEXT_HOP to your side of the point-to-point
for
> you, just in case you neglected to do so.
>
> Even if they don't, who's to say what's unreachable?  If the NEXT_HOP is
> truly unreachable, in that there is no route to it, the BGP path won't be
> marked as valid and won't make it to the IP routing table (Loc-RIB.)
>
> I've long felt that IP should have come with a provision for an address
that
> is never routed.  It would be great if we could get something like
127.0.0.2
> for this very task.
>
> Mark
>