On Mon, Oct 29, 2001 at 11:53:05AM -0800, Paul A Vixie wrote:
ok, so how do you handle a situation like orbs/abovenet as in late 1999?
I don't have the AUP's in question so my speculation is going to be tainted. I would probably have told them that I would continue announcing their route (with the known hole) and prepended the heck out of it to cause people to deprefer that prefix. Additionally, I might have added a new community 6461:foo and registered that info in the IRR saying that 6461:foo means that some customer is being abusive and you're protecting the Internet from them. The point, I guess, is you're AUP wasn't propagated. You can only enforce the AUP with your direct customer.
(c) block traffic to/from the /24 in question after carefully notifying the /16 owner that this would be done and why.
This causes the least problems to your direct customer. I can understand, from a business perspective, how this was the preferred option. However, it punished those who used your routes and wanted <no-value-judgement> to reach ORBS </no-value-judgement> and rewarded your customer for lax AUP.
as we all know, (c) was chosen. great was the hue and even greater the cry. a recommendation was even made that if as6461 wasn't going to carry the whole /16 that it ought to chop it up and only advertise the parts it could reach, in spite of what these more-specifics would have done to the /16 owner's own routing policy (they were multihomed.)
what would YOU have done? justify your answer. (show all work.)
I've noted my preferred solution (equivalent to the DON'T PREFER ME community proposed some time ago). I also noted my opinions on this a while back in the "How does one make not playing nice with each other scale? (Was: net.terrorism)" thread. I'm asking/suggesting: Is this just a business issue? Given the way the routing system works today are we going to see a lot more blackholes in the system? Does the routing protocol need to be adjusted to deal with this business need or should the AUP deal with it? -- Jeff Haas NextHop Technologies