[nsp-sec] [OT] Providers with RTBH capability?
Nick Hilliard
nick at inex.ie
Wed Apr 10 05:52:00 EDT 2013
On 10/04/2013 00:07, John Kristoff wrote:
> I'd probably have it interact more directly with a local Quagga/BIRD
> router than doing snmp or tftp or even just run Net::BGP directly. Any
> interest in a version like that? I really feel like I need to redeem
> myself here. Please. :-)
Would be a better approach to build an rtbh server using something which is
either fully scriptable with static config files or which can directly feed
off an sql data source. BIRD and OpenBGPD are good for the first (I built
a simple system a couple of years ago using o-bgpd), but Exabgp looks very
interesting for the latter. Once you can chain off an sql database, it's
trivial to put in a controlled front end to allow a) noc people access to
the rtbh system and b) controlled expiry of existing entries.
Nick
More information about the nsp-security
mailing list