Here are some notes to self regarding real time blackholing configurations for dropping / analyzing packets that 'do not belong'.
- BGP Security Techniques (pdf)
- Inferring Internet Denial-of-Service Activity (pdf)
- Cisco Paper: Remotely Triggered Black Hole Filtering -- Destination Based and Source Based (pdf), with a note at NSP ARchives that disable-connected-check needs to be added to the peer's bgp configuration.
- IPv6Canada: S/RTBH Example
- PacketLife: RTBH Routing
From the c-nsp list, RTBH commonly used next hops are RFC based Test Networks:
- IPv4 RFC3330 192.0.2.0/24
- IPv6 RFC5156 2001:db8::/32