[nsp-sec] [OT] Providers with RTBH capability?
John Kristoff
jtk at cymru.com
Tue Apr 9 19:07:38 EDT 2013
On Tue, 9 Apr 2013 13:04:49 +0100 (BST)
Steve Colam <sjc at eng.gxn.net> wrote:
> Attached script... modified version of Johns original.
I don't know if I should be honored or afraid for you. You're brave to
use my Perl code from that period.
> tag 9000 - blackhole within own asn
> you will statics to (and a Null0 interface):
> ipv4 <v4>/32 Null0
> ipv6 <v6addr>/128 Null0
Do you think there would be any interest in an option to enable traffic
to be sinkholed by setting a next hop to a tunnel or something? If it
is the type of traffic can be sinked, we could then feed that directly
back to source networks through a reporting process.
> We have an external script to do snmp pull/push; I've not included
> that. Johns original has code to do this in it...
> mkdir /tftpboot/bhrs; chgrp <www> /tftpboot/bhrs
I'd probably have it interact more directly with a local Quagga/BIRD
router than doing snmp or tftp or even just run Net::BGP directly. Any
interest in a version like that? I really feel like I need to redeem
myself here. Please. :-)
John
More information about the nsp-security
mailing list