So.. you want to track some DoS traffic?

So basically you've proposed implementing black hole routing via a
community... this is nice and COULD be used by customers, though I'd be
worried about them blackholing something 'important' and not figuring it
out... which is all too common a problem.

We discussed this at implementation/design time and fell back on "we would
rather do it manually, just in case...". Additionally, if someone messed
up the customer's filter and didn't filter their routes they could
accidently drop traffic another customer :frowning: Manual and by a select few
people was the end decision.

Not that it's not a great idea, but BGP is 'hard' and customers (and
providers) routinely screw it up :frowning: Also, your paper doesn't hit the main
thing I was getting at: Tracking the attack... dropping traffic is great
and you can do it in 101 different ways, but the tough part was tracking
it... (at least it was the tough thing we was trying to make less tough).