I have to point out that, although it looks like a move in the right direction, the newly created BLACKHOLE community is likely to meet severe max-prefixes resistance. It is way too broad. I did read the draft, and I do understand it is targeted at IXPs; the skeptical part in me is suggesting that the max-prefixes limit will limit the efficiency of this method.

In order for this to be efficient to mitigate a DDOS attack, it would require the prefix limit for the very generic BLACKHOLE community to be in the tens of thousands. I just don't see this happening in the real world. A BGP community with global significance will face significant challenges. I don't see operators trusting this community.

> Extreme caution should be used when purposefully propagating IP prefixes
> tagged with the BLACKHOLE BGP community outside the local routing domain.

This is the part that I find out-of-touch with reality. Extreme caution should be used not to announce RFC1918 prefixes, and not to announce the entire Internet routing table. It happens all the time.

This draft creates a DDOS vector of its own: an attacker with good BGP feeds to their upstreams could use the well-known community to craft a new DDOS attack by injecting the target prefix(es). Unlike the NO_ADVERTISE or NO_EXPORT communities, this is a global DDOS bait.

As the operator of a large BGP Blackhole feed (1), the first requests that came out of the beta-testers were asking for more granularity. My BGP blackhole feed is over 100K prefixes; it works for me and my beta-tester buddies, but it won't work for everyone.

I oppose this draft on the grounds that it creates more opportunities for DDOS attacks than it solves.

Michel.

(1) http://arneill-py.sacramento.ca.us/cbbc/