Re: Peering with abusers...good or bad?
So I want to buy additional ports at each IX. The slowest speed they offer. If I am lucky they have a free 100 Mbps. And then I just announce the prefix I want to blackhole. Doesn't matter that the port overloads. I am just going to null route the traffic anyway... Regards Baldur Den 3. mar. 2018 01.12 skrev "Job Snijders" <job@instituut.net>: On Sat, 3 Mar 2018 at 01:08, Bryan Holloway <bryan@shout.net> wrote:
On 3/2/18 5:29 PM, Ca By wrote:
On Fri, Mar 2, 2018 at 2:13 PM Matthew Petach <mpetach@netflight.com> wrote:
On Tue, Feb 27, 2018 at 4:13 PM, Dan Hollis <goemon@sasami.anime.net> wrote:
OVH does not suprise me in the least.
Maybe this is finally what it will take to get people to de-peer them.
If I de-peer them, I pay my upstream to carry the attack traffic.
Your isp will do rtbh
Your peers wont
Some public IXs support RTBH ... Equinix, DE-CIX, to name two ... PNIs is a different story.
Those IX “blackhole” mechanisms are a perverse ineffective method that exists solely for marketing reasons. If you aren’t blackholing in the fabric you aren’t blackholing. Kind regards, Job
On Sat, 3 Mar 2018 at 01:23, Baldur Norddahl <baldur.norddahl@gmail.com> wrote:
So I want to buy additional ports at each IX. The slowest speed they offer. If I am lucky they have a free 100 Mbps. And then I just announce the prefix I want to blackhole. Doesn't matter that the port overloads. I am just going to null route the traffic anyway...
Sure, that works. Those are called “choke ports”. Kind regards, Job
participants (2)
-
Baldur Norddahl
-
Job Snijders