On 6/28/16 8:36 AM, Job Snijders wrote: > Some IXPs can do actual blackholing inside their fabric, a mechanism > which does _not_ require any of the IXP participants to participate or > adjust their local routing policy to honor the BLACKHOLE community. I've > described such a non-cooperative mechanism on the NANOG mailing-list and > I know of one IXP which has implemented this. (This is different from > DE-CIX's current implementation.) sure l3 acls can be applied to l2 ports. most ixps are going to have a set of filters that prevent certain kinda of activity, e.g. spanning tree PDUs, router-advertisement, proxy-arp and so on. these are all within the technical capabilties of most high-end-ethernet switch platforms. > Already today, the reality is that some IXPs can and will blackhole > traffic at the request of a participant, and some IXPs can't (vendor > limitations) or won't (miscellaneous concerns) blackhole traffic. This > draft does not change any of that. agree > Kind regards, > > Job >
Attachment:
signature.asc
Description: OpenPGP digital signature