[j-nsp] BGP Blackhole communities

Chris Morrow morrowc at ops-netman.net
Wed Oct 20 17:08:35 EDT 2010



On 10/20/10 17:03, Richard A Steenbergen wrote:
> On Wed, Oct 20, 2010 at 04:23:23PM -0400, Chris Morrow wrote:
>>
>> 4) reset next-hop as you ship the route internally to IBGP neighbors
>> (see ... Wayne Gustavus's (Verizon) talk from NANOG32 in Reston:
>> <http://www.nanog.org/meetings/nanog32/presentations/soricelli.pdf>)
>>
>> there are, as RAS is pointing out, many ways to skin this cat.
> 
> Well, that would work if you're adding a local static route to discard 
> and then reannouncing it into IBGP... But if you're receiving the route 
> from a customer EBGP session that wouldn't install the null route on the 
> local box, potentially leaving you open to one customer flooding another 
> customer on the same router.

yup, customers can still get 'local' traffic, and yes every device has
the same dsc0 or discard route setup for the next-hop address.

> I also had some people point out offline that you could build a single 
> prefix-list policy, then allow null routes to be accepted, and THEN 
> begin your regular customer border policies. This is also true, but I 
> forgot to mention that I've also found value in having separate max 
> prefix limits for null route vs regular routes, which you couldn't 
> implement via a policy over a single session. This entire discussion 

I actually like the 'use a new session' model, it does clarify things
for everyone... though there are potentially some scaling issues with
this dimension as well.

> needs a giant disclaimer that says "Warning: The number of BGP speaking 
> customers out there who aren't really masters of route-map and who will 
> accidentally try to null route their entire bgp session is higher than 
> you might expect". Making them actually take the time to configure a 

hahahaa, bell canada... yes, there are lots of people who don't grok bgp
from the customer side :( handing them a templated config (and templated
change set) is helpful.

-chris
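
The separate-session model discussed above, written out as Junos configuration in `set` format. This is an added example, not configuration from the thread or from either poster. The AS numbers, addresses, group and policy names, the community value 64496:666, the two limits, and the use of a second directly connected customer address for the null-route session are all assumptions; CUST-A-IN stands for the regular customer border policy and is not shown.

```junos
# Constructed values (documentation ranges): AS 64496 = provider, AS 64511 = customer,
# 198.51.100.0/24 = customer block, 192.0.2.1 = discard next-hop address.

# Same discard route on every router, so a null route is dropped on the box that
# learns it from the customer as well as on every IBGP neighbor.
set routing-options static route 192.0.2.1/32 discard
set routing-options static route 192.0.2.1/32 no-readvertise

set policy-options community BLACKHOLE members 64496:666
set policy-options community NO-EXPORT members no-export

# Null-route session policy: accept only /32s inside the customer's own block that
# carry the blackhole community. A customer who sends the aggregate, or the whole
# table, on this session matches nothing and is rejected.
set policy-options policy-statement CUST-A-NULL-IN term host-routes from community BLACKHOLE
set policy-options policy-statement CUST-A-NULL-IN term host-routes from route-filter 198.51.100.0/24 prefix-length-range /32-/32
set policy-options policy-statement CUST-A-NULL-IN term host-routes then community add NO-EXPORT
set policy-options policy-statement CUST-A-NULL-IN term host-routes then next-hop 192.0.2.1
set policy-options policy-statement CUST-A-NULL-IN term host-routes then accept
set policy-options policy-statement CUST-A-NULL-IN term default then reject

# Regular customer session with its own prefix limit.
set protocols bgp group CUST-A type external
set protocols bgp group CUST-A peer-as 64511
set protocols bgp group CUST-A import CUST-A-IN
set protocols bgp group CUST-A family inet unicast prefix-limit maximum 50
set protocols bgp group CUST-A family inet unicast prefix-limit teardown
set protocols bgp group CUST-A neighbor 203.0.113.2

# Separate null-route session with a separate prefix limit. accept-remote-nexthop
# lets the import policy set a next-hop that is not on the peering subnet.
set protocols bgp group CUST-A-NULL type external
set protocols bgp group CUST-A-NULL peer-as 64511
set protocols bgp group CUST-A-NULL accept-remote-nexthop
set protocols bgp group CUST-A-NULL import CUST-A-NULL-IN
set protocols bgp group CUST-A-NULL family inet unicast prefix-limit maximum 20
set protocols bgp group CUST-A-NULL family inet unicast prefix-limit teardown
set protocols bgp group CUST-A-NULL neighbor 203.0.113.6
```

The IBGP export policy must leave the next-hop on these routes unchanged (no next-hop self) for the other routers to resolve them to their own discard route.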

