keep in mind its not destination addresses that are the problem here, BUT
if it was, on an experiment (not a very smart one) we routed 0/1 to a lab
system inside 701 once in 2001 (as I recall, so before
nimda/code-red/blaster) and recieved +600kpps of garbage traffic as a
result. Trying to acl/analyze/deal-with that flow was almost impossible...
I'm not sure what you want to do with it today when our 'sinkhole' network
is consistently handling +20kpps (5x previous) MORE of random garbage
than 3 weeks ago, before blaster/nachi started to cause more pain
Just think, if you used loose uRPF, you wouldn't need to carry that traffic
to your sinkhole network, even you win.