On Thu, May 28, 2015 at 08:51:40PM +0000, Thomas King wrote: > Hi Everybody, > > we submitted this document in order to unify and simplify triggering > blackholing at IXPs. We propose to define a well-known BGP community for this. > > Any feedback is highly appreciated.
I'm generally supportive of this draft. The Security Considerations cover the majority of the issues this standardized blackhole community introduces. I would suggest one additional consideration be added: Since the presence of this community may otherwise bypass prefix-limit checks, the presence of this community may allow for a resource exhaustion attack by shorter than usual prefixes. It would be good to see an example of integration of this feature with some IXP's filtering mechanism, e.g. IRR database. -- Jeff _______________________________________________ GROW mailing list GROW@ietf.org https://www.ietf.org/mailman/listinfo/grow