[PLUG] when to blackhole routes?
Carla Schroder
carla at bratgrrl.com
Tue Apr 17 00:21:57 UTC 2007

Under what circumstances does it make sense to blackhole routes? Assume you
are using the null0 interface in Quagga. An obvious example is blocking
spammers or other pests, like out-of-control web spiders. What about blocking
RFC 1918 addresses entering or leaving your network with routing commands
instead of iptables rules? Isn't that more efficient?

Isn't blackholing an invitation to a SYN flood attack anyway? Can you use the
ip command's 'unreachable' rule option, which sends a 'Network is
unreachable' error?
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
Linux geek and random computer tamer
check out my Linux Cookbook!
http://www.oreilly.com/catalog/linuxckbk/
best book for sysadmins and power users
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~