On Wed, May 01, 2002 at 10:15:44PM -0400, Leo Bicknell wrote:
In a message written on Wed, May 01, 2002 at 08:17:04PM -0500, dies wrote:
Then you are pushing out /32's and peers would need to accept them. Then someone will want to blackhole /30's, /29's, etc. Route bloat. Yum!
I'm not sure what form this would take, but I have long wished route processing could be sent into a "programming language". For this specific example it would be nice to set a maximum number of route limit for the total number of routes on the session, as well as /per community/.
Agreed wholeheartedly. But then you'd have to have network engineers who could program (and no perl doesn't count). :)
That is, community xxxx:666 == blackhole me, and I could limit each peer to say, 6 of these at a time. More would not take down the session, but simply be ignored.
I can carry 6 /32's for every peer I have, and if they only have 6, they will probably use them for the most abusive target.
I give it 2 months, then they'll start hitting random dst IPs in a target prefix (say a common /24 going through the same path).

-- 
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
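
Added example, not part of the original thread and not any router vendor's implementation: a Python model of the per-community limit proposed above, where routes tagged xxxx:666 are capped at 6 per peer and anything over the cap is ignored rather than tearing down the session. The class and function names, the host-route-only check, and the sample peer and prefixes are assumptions made for illustration.

```python
from collections import defaultdict
from ipaddress import ip_network

BLACKHOLE_SUFFIX = ":666"   # the thread's "xxxx:666 == blackhole me"
PER_PEER_LIMIT = 6          # the thread's "6 of these at a time"


class BlackholeLimiter:
    """Per-peer, per-community route limit that ignores excess routes."""

    def __init__(self, limit=PER_PEER_LIMIT):
        self.limit = limit
        self.accepted = defaultdict(set)  # peer -> blackhole prefixes in use

    def announce(self, peer, prefix, communities):
        net = ip_network(prefix)
        if not any(c.endswith(BLACKHOLE_SUFFIX) for c in communities):
            return "normal"            # not a blackhole request
        if net.prefixlen != net.max_prefixlen:
            return "ignored"           # assumption: host routes only
        slots = self.accepted[peer]
        if net in slots:
            return "blackholed"        # re-announcement, no new slot used
        if len(slots) >= self.limit:
            return "ignored"           # over limit: drop route, keep session
        slots.add(net)
        return "blackholed"

    def withdraw(self, peer, prefix):
        # A withdrawal frees the slot so the peer can move it to a new target.
        self.accepted[peer].discard(ip_network(prefix))


def demo():
    # Constructed sample: one peer sends eight blackhole /32s, then frees one.
    limiter = BlackholeLimiter()
    peer = "AS64500"
    results = [
        limiter.announce(peer, f"192.0.2.{i}/32", ["64500:666"])
        for i in range(1, 9)
    ]
    limiter.withdraw(peer, "192.0.2.1/32")
    results.append(limiter.announce(peer, "192.0.2.9/32", ["64500:666"]))
    return results


if __name__ == "__main__":
    print(demo())
```

The limit bounds table growth per peer, but it does not address the concern raised in the reply: traffic spread across many destinations inside one prefix exhausts the six slots.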