
netsec-sig - Re: [Security-WG] New Well-Known BGP Community for Blackholing

Subject: Internet2 Network Security SIG

  • From: John Kristoff <>
  • To: David Farmer <>
  • Cc: "" <>, "" <>, "" <>
  • Subject: Re: [Security-WG] New Well-Known BGP Community for Blackholing
  • Date: Tue, 26 Jul 2016 09:46:34 -0500

On Mon, 25 Jul 2016 23:55:31 +0000 David Farmer <> wrote:

> We (the Internet2 Community) should discuss if the Internet2 Backbone
> should transition to using this Well-Known BGP Community, either
> keeping or eliminating the Internet2 specific Blackhole communities
> below.
>
> Internet2-R&E: 11537:911
> Internet2-TR-CPS: 11164:53666

Is the usage of these being monitored? Statistics and trends on usage
and possibly a survey of who is actually utilizing (announcing to I2) the
current communities would be nice to see.

> Additionally, this new community is defined as a transitive BGP
> community, so we should discuss if we want to propagate routes with
> this community from the Internet2 Backbone to other members of the
> Internet2 community. This may or may not be advantageous and is
> probably not appropriate in all cases, so we should only do this if
> there is a clear consensus for it.

I think this would be fine as long as these routes are originated from
within I2 and the announcements can be verified by connectors or the
backbone folks. I may be wary of accepting those transitive
communities if they originated from outside of I2. Perhaps add a tag
that indicates as much.

A web-based interface for participants to use for managing black hole
routes would be really nice to have. These should automatically expire
after some period.

John
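
One reading of the policy suggested in this message, as an added example that is not part of the original message or any Internet2 configuration: act on a blackhole community only when the origin AS is a member announcing inside its own verified space, tag everything else, and expire old entries. The value 65535:666 is the BLACKHOLE community from RFC 7999; the tag community, the 24-hour lifetime, the member-prefix table and all sample routes are assumptions constructed for illustration.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

# RFC 7999 BLACKHOLE plus the two Internet2 communities named in the thread.
BLACKHOLE = {(65535, 666), (11537, 911), (11164, 53666)}
# Assumptions for illustration only (not Internet2 values):
EXTERNAL_TAG = (64512, 666)      # hypothetical "not verified as member-originated" tag
MAX_AGE = timedelta(hours=24)    # hypothetical automatic expiry period
MEMBER_PREFIXES = {              # constructed registry: origin ASN -> verified space
    64496: [ipaddress.ip_network("192.0.2.0/24")],
    64497: [ipaddress.ip_network("198.51.100.0/24")],
}

def evaluate(route, now):
    """Return (action, communities) for one received announcement."""
    comms = set(route["communities"])
    if not comms & BLACKHOLE:
        return "accept", comms
    prefix = ipaddress.ip_network(route["prefix"])
    origin = route["as_path"][-1]          # rightmost AS is the originator
    verified = any(
        net.version == prefix.version and prefix.subnet_of(net)
        for net in MEMBER_PREFIXES.get(origin, [])
    )
    if not verified:
        # Unknown origin, or a member blackholing space that is not its own:
        # do not discard traffic, just mark the route for downstream policy.
        return "tag-only", comms | {EXTERNAL_TAG}
    if now - route["first_seen"] > MAX_AGE:
        return "expired", comms            # blackhole request has aged out
    return "blackhole", comms

NOW = datetime(2016, 7, 26, 15, 0, tzinfo=timezone.utc)

def _route(prefix, as_path, communities, age_hours):
    return {"prefix": prefix, "as_path": as_path, "communities": communities,
            "first_seen": NOW - timedelta(hours=age_hours)}

SAMPLE = [  # constructed announcements
    _route("192.0.2.10/32", [64496], [(65535, 666)], 1),          # member, own space
    _route("203.0.113.5/32", [64500, 64511], [(65535, 666)], 1),  # non-member origin
    _route("198.51.100.7/32", [64496], [(11537, 911)], 1),        # member, wrong space
    _route("198.51.100.7/32", [64497], [(11164, 53666)], 30),     # valid but too old
    _route("192.0.2.0/24", [64496], [], 1),                       # ordinary route
]

def run_sample():
    return [evaluate(r, NOW)[0] for r in SAMPLE]

if __name__ == "__main__":
    print(run_sample())
```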


