netsec-sig - Re: [Security-WG] New Well-Known BGP Community for Blackholing
Subject: Internet2 Network Security SIG
List archive
- From: John Kristoff <>
- To: David Farmer <>
- Cc: "" <>, "" <>, "" <>
- Subject: Re: [Security-WG] New Well-Known BGP Community for Blackholing
- Date: Tue, 26 Jul 2016 09:46:34 -0500
On Mon, 25 Jul 2016 23:55:31 +0000
David Farmer
<>
wrote:
> We (the Internet2 Community) should discuss if the Internet2 Backbone
> should transition to using this Well-Known BGP Community, either
> keeping or eliminating the Internet2 specific Blackhole communities
> below.
>
> Internet2-R&E: 11537:911
> Internet2-TR-CPS: 11164:53666
Is the usage of these being monitored? Statistics and trends on usage
and possibly a survey who is actually utilizing (announcing to I2) the
current communities would be nice to see.
> Additionally, this new community is defined as a transitive BGP
> community, so we should discuss if we want to propagate routes with
> this community from the Internet2 Backbone to other members of the
> Internet2 community. This may or may not advantageous and is
> probably not appropriate in all cases, so we should only do this if
> there is a clear consensus for it.
I think this would be fine as long as these routes are originated from
within I2 and the announcements can be verified by connectors or the
backbone folks. I may be wary of accepting those transitive
communities if they originated from outside of I2. Perhaps add a tag
that indicates as much.
A web-based interface for a participants to use for managing black hole
routes would be really nice to have. These should automatically expire
after some period.
John
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, (continued)
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, Christian Wheeler, 07/26/2016
- Re: [Security-WG] [NTAC] New Well-Known BGP Community for Blackholing, Michael H Lambert, 07/26/2016
- Re: [Security-WG] [NTAC] New Well-Known BGP Community for Blackholing, Jeff Bartig, 07/26/2016
- RE: [Security-WG] [NTAC] New Well-Known BGP Community for Blackholing, Michael Hare, 07/26/2016
- Re: [Security-WG] [NTAC] New Well-Known BGP Community for Blackholing, Jeff Bartig, 07/26/2016
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, Grover Browning, 07/26/2016
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, Spears, Christopher M., 07/26/2016
- [Security-WG] RE: [NTAC] New Well-Known BGP Community for Blackholing, Michael Hare, 07/26/2016
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, Bill Jensen, 07/26/2016
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, David Farmer, 07/26/2016
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, David Farmer, 07/26/2016
- [Security-WG] Re: [NTAC] New Well-Known BGP Community for Blackholing, Spears, Christopher M., 07/26/2016
- Re: [Security-WG] New Well-Known BGP Community for Blackholing, John Kristoff, 07/26/2016
- Re: [Security-WG] New Well-Known BGP Community for Blackholing, David Farmer, 07/26/2016
- Re: [Security-WG] New Well-Known BGP Community for Blackholing, Paul Howell, 07/27/2016
- RE: [Qt-security] [Security-WG] New Well-Known BGP Community for Blackholing, Michael Hare, 07/27/2016
- Re: [Qt-security] [Security-WG] New Well-Known BGP Community for Blackholing, Matthew J Zekauskas, 07/27/2016
- RE: [Qt-security] [Security-WG] New Well-Known BGP Community for Blackholing, Michael Hare, 07/27/2016
- RE: [Qt-security] [Security-WG] New Well-Known BGP Community for Blackholing, Spurling, Shannon, 07/27/2016
- RE: [Qt-security] [Security-WG] New Well-Known BGP Community for Blackholing, Michael Hare, 07/27/2016
- Re: [Qt-security] [Security-WG] New Well-Known BGP Community for Blackholing, Matthew J Zekauskas, 07/27/2016
- RE: [Qt-security] [Security-WG] New Well-Known BGP Community for Blackholing, Michael Hare, 07/27/2016
- Re: [Security-WG] New Well-Known BGP Community for Blackholing, John Kristoff, 07/27/2016
- Re: [Security-WG] New Well-Known BGP Community for Blackholing, Paul Howell, 07/27/2016
- Re: [Security-WG] New Well-Known BGP Community for Blackholing, David Farmer, 07/26/2016
Archive powered by MHonArc 2.6.19.