RE: not rewriting next-hop, pointing default, ...

For ISPs with a lot of direct (i.e., private) peers, on the public
NAP routers you may want to consider not installing the routes from the
private peers. This approach could reduce the damage to your private
links by default-pointing attack. It may also make you less likely
a target due to black-holing of certain traffic.

And on the NAP router,
  adding the blackhole segment ( null 0 or dumb ether etc.)
    On cisco, null 0 is not recomended for its process switching
  set the default route to the blackhole segment
  check the packet in the segment.
These packets are routed by default, so call the routing police :slight_smile:

This approach is not applicable if transit service is provided at
the public NAP.

Peering in tunneling COULD work. (AS4713<-AS2521<-AS2519)