
NANOG Meeting Presentation Abstract

Tutorial: Options for Blackhole and Discard Routing
Meeting: NANOG32
Date / Time: 2004-10-17 1:30pm - 3:00pm
Room: Lake Fairfax
Presenters:

Joe Soricelli, Juniper

Joseph M. Soricelli is a Professional Services Engineer at Juniper. He is a Juniper Networks Certified Internet Engineer, a Juniper Networks Authorized Instructor, and a Cisco Certified Internet Expert. He is the author of Juniper Networks Certified Internet Associate Study Guide and Juniper Networks Certified Internet Specialist Study Guide. In addition to writing numerous training courses, he has worked with and trained carriers, telcos, and ISPs throughout his career in the networking industry.

Wayne Gustavus, Verizon

Wayne Gustavus is a member of the IP Operations Support team for Verizon Internet Services. He is a Cisco Certified Internetwork Expert and has over 10 years of experience in the networking industry. His current responsibilities at Verizon include supporting the national, multi-vendor router network that provides IP services for consumer and business customers. Wayne is a member of the NSP-SEC community and is active in Verizon's security operations, including the Inter-NOC Dial-By-ASN (INOC-DBA) network, anti-DDoS efforts, and blackhole routing infrastructure.

Abstract: This intermediate-level tutorial offers attendees a view of some common practices for operating a blackhole service. As security concerns abound in the Internet, operators and providers are constantly exploring methods for protecting their networks and customers. We assume that attendees have basic IGP and BGP networking skills, and build on that knowledge by discussing announcement methods for blackholing traffic across the network. In addition, some options for counting and logging the discarded traffic are discussed. Throughout the tutorial, operational and configuration commands from multiple vendors are used to illustrate the tutorial concepts.



A brief outline of the material follows:

  1. Assumptions

  2. Discard options

    • Static route to null

    • Discard interface

  3. Mapping addresses to blackhole services

    • BGP advertisements

    • Communities

    • Multihop options

    • Altering next hop


  4. Injecting routes

    • Dedicated server

    • Accepting routes from customers

    • Accepting routes from peers


  5. Accounting and Counting Options


    • Filters

    • ACLs

    • Counters

    • Syslog

    • Logging


  6. Who to discard?

    • Attacks from customers

    • Attacks to customers

    • Unallocated address space (bogons?)

    • Attacks from peers


Files: Joe Soricelli Presentation (PDF)
Options for Blackhole and Discard Routing (YouTube)
Sponsors: None.


NANOG32 Abstracts

  • Botnets
    Speakers:
    John Kristoff, Northwestern University
  • BGP—The Movie
    Speakers:
    Geoff Huston, APNIC
    George Michaelson, APNIC
    Philip Smith, Cisco Systems
  • Life and Times of J-Root
    Speakers:
    Piet Barber, Verisign
    Matt Larson, Verisign
    Mark Kosters, Verisign
    Pete Toscano, Verisign

 
