Thank you Payam. I think I got what you mean. In this particular case however, the X/22 route is not a customer or anything. It is the IXP's peering LAN!
So... It means that the person requested all the IXP's members to null-route the whole peering LAN? How can you possibly ask for this? I peer with several members within this LAN. If I null-route the X/22 LAN, we agree that my peering sessions will go down, right?

Thanks again,

2013/3/24 Payam Chychi <[email protected]>

> Carrying a route is the same as accepting a route and having it become
> active, allowing traffic to traverse your network to the destination. In
> this case the user is asking you to drop the route (attack traffic) at your
> edge if possible and not to carry it through your network and deliver it to
> the end destination (his network) because it's probably saturating or causing
> him performance issues.
>
> Normally networks will have a global community string that they can tag a
> route with and it will send it to null0, dropping that traffic at the edge
> vs. the user withdrawing its -/24 route from the advertise table. You can
> also go on the peering router and set the next hop route for the attacked
> destination IP to null0 (discard) and only traffic traversing that one
> router will drop the traffic (global community will handle this if you
> have a multi-homed network)
>
> Local nullroute example:
> "set routing-options static route x.x.x.x/32 discard" ... Something like
> this
>
> All you're doing is dropping traffic for x.x.x.x/x at your edge, most cases
> it's a /32 nullroute.
>
> Google is your friend :)
> Cheers,
> --
> Payam Chychi
> Network Engineer / Security Specialist
>
> On Sunday, 24 March, 2013 at 6:47 AM, Zehef Poto wrote:
>
> > Hey guys,
> >
> > Thank you all for the very valuable input. Actually yes, Tobias is right,
> > I'm having this question because of the (quoted by Tobias) e-mail we got
> > yesterday across several IXPs.
> >
> > I just don't understand what is to "carry a route in my backbone". Am I not
> > supposed to know all of (or most of) the Internet routes, since I work with
> > tier-1 upstream providers? As a consequence, it means I'm carrying all
> > these routes, right?
> >
> > A "show route X/22" tells that it was advertised by an eBGP peer on one of
> > my edge routers, and the three other ones learnt this same route via OSPF.
> >
> > This is where I'm completely confused. What am I supposed to do to "carry"
> > a route or not?
> >
> > Thanks again,
> >
> > 2013/3/24 Tobias Heister <[email protected]>
> >
> > > Hi All,
> > >
> > > On 24.03.2013 00:26, Jeff Wheeler wrote:
> > >
> > > > Whoever that person is that said something about "use next-hop-self"
> > > > in this context, either you misunderstood them, or you shouldn't
> > > > listen to them anymore. That has nothing to do with looking to see if
> > > > your router knows about a route.
> > >
> > > This sounds like the OP wants to help the Cloudflare guys who sent the
> > > following mail to DECIX/AMSIX (and probably other IX) yesterday.
> > >
> > > > We're currently seeing a very large attack directed to our IP on AMS-IX
> > > > (X).
> > > >
> > > > We request that all peers:
> > > > 1) Don't carry this route (X/22) in your backbone. (you can set
> > > > next-hop-self, etc). It'll save other security concerns and possible free
> > > > transit you're giving away to others.
> > > > 2) Filter any traffic within to the AMS-IX exchange fabric (again,
> > > > X/22), except for your point to [multi]point BGP communications.
> > >
> > > --
> > > Kind Regards
> > > Tobias Heister

_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
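
An added example, not part of the thread or of any poster's configuration: one way to audit the situation described above (the peering LAN known via eBGP on an edge router and via OSPF on the others) is to classify, per router, how the IXP prefix is known. The routing entries and the 203.0.113.0/24 prefix are constructed stand-ins for `show route` output and the X/22 LAN; the function and status names are hypothetical.

```python
import ipaddress

# Junos protocol names that mean the router sits on the LAN itself.
CONNECTED = {"Direct", "Local"}

def audit_peering_lan(tables, ixp_lan):
    """Classify how each router knows the IXP peering LAN.

    tables:  {router: [(prefix, protocol), ...]}, distilled from "show route"
    Returns {router: (status, protocols)} where status is
      "connected": only Direct/Local, normal for an edge router on the IXP
      "carried":   also accepted from a peer or propagated by IGP/iBGP
      "absent":    no route inside the LAN (a covering default does not count)
    """
    lan = ipaddress.ip_network(ixp_lan)
    report = {}
    for router, routes in tables.items():
        protos = set()
        for prefix, proto in routes:
            net = ipaddress.ip_network(prefix)
            # Count the LAN itself and any more-specific inside it.
            if net.version == lan.version and net.subnet_of(lan):
                protos.add(proto)
        learned = sorted(protos - CONNECTED)
        if not protos:
            report[router] = ("absent", [])
        elif learned:
            report[router] = ("carried", learned)
        else:
            report[router] = ("connected", [])
    return report

# Constructed sample: 203.0.113.0/24 stands in for the page's X/22 LAN.
SAMPLE_TABLES = {
    "edge1": [("203.0.113.0/24", "Direct"), ("203.0.113.7/32", "Local"),
              ("203.0.113.0/24", "BGP"), ("0.0.0.0/0", "BGP")],
    "edge2": [("203.0.113.0/24", "Direct"), ("0.0.0.0/0", "BGP")],
    "core1": [("203.0.113.0/24", "OSPF"), ("0.0.0.0/0", "BGP")],
    "core2": [("0.0.0.0/0", "BGP"), ("2001:db8::/32", "BGP")],
}

if __name__ == "__main__":
    report = audit_peering_lan(SAMPLE_TABLES, "203.0.113.0/24")
    for router, (status, via) in report.items():
        print(f"{router}: {status} {', '.join(via)}")
```

Routers reported as "carried" are the ones where the peering LAN has been accepted from a peer or leaked into the IGP; "connected" is the expected state for a router with an interface on the exchange.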

