|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: engineering --> ddos and flooding
> Assuming not adding the extra connection, this means that upstream prefix > filtering, so that one can't mistakenly inject 255 /24s rather than a > single /16, would go out the window. Now think about /32s and what the > routing tables will start to look like. Now consider that the upstream > would also want to send to its upstream Tier-1 the NULLROUTE /32 as well so > that his bandwidth is not eaten up as well and we have a situation whereby > routing table size will triple in size every year. This is a stop gap measure for customer networks. Those null routed /32s are not meant to be permanently advertised, they are meant to free the customer's pipe from smurf/fraggle until the SP can do something about it. What would be the point of permanently blackholing a host on your network? I would imagine that most tier 1's are going to filter anything longer than a /24 whether you advertise it or not. The question isn't about route table size, it is whether your SP will go the extra mile to give you a proactive option to deal with attack and has someone clueful to implement it that will take responsibility for it (not that it is hard). This is a very limited measure that only helps in a very particular situation for a small subset of customer networks. I think it is a very useful tool for that particular situation... it is not meant as a principle that SP networks should apply to their upstream as well. Geoff Zinderdine CCNP CCA MCP MTS Communications Inc. ================================================================ The views expressed here are not necessarily those of my employer.
|