Thomas, On Fri, Jun 26, 2015 at 03:50:36PM +0000, Thomas King wrote: > I added the following text to the draft: > The presence of this BLACKHOLEIXP BGP community may introduce a resource > exhaustion attack to BGP speakers. If a BGP speaker receives many IP prefixes > containing the BLACKHOLE BGP community its internal resources such as CPU > power and/or memory might get consumed, especially if usual prefix sanity > checks (e.g. IP prefix length or number of prefixes) are disabled (see > Section 3.2). > > Does this cover your point?
It does. Thanks! > > It would be good to see an example of integration of this feature with some > > IXP's filtering mechanism, e.g. IRR database. > > Do you want to see the example in the document? If yes, how detailed do you > want to see the example? Down to the configuration of BGP speakers and data > records in the IRR database? I think I'd be fine with some text saying "check this against routes discovered from an appropriate aut-num" or something similar. The goal is really to show how the systems should interact. -- Jeff _______________________________________________ GROW mailing list GROW@ietf.org https://www.ietf.org/mailman/listinfo/grow
