BGP Blackhole Service – Block Countries by RIR /8s

$380.00

Purchase includes a one time setup fee and 12 months of service.

Out of stock

Category: Tag:

Description

BGP peering service used to drop IPv4 traffic. Here’s how it works:

You peer with us to receive the routes that are assigned to specific RIRs (Regional Internet Registry) by their /8 CIDR assignments. This is not all inclusive of every IP address that any given RIR is responsible for. CIDR assignments smaller than a /8 are excluded, however, the /8 assignments cover most of the IP addresses that each RIR is responsible for. The advantage here is that most any router that is capable of running BGP will have enough resources to handle these routes. This service is the most light-weight way to drop traffic by location. Many networks in the USA can drop traffic from LACNIC, AFRINIC, and APNIC with very few (if any) problems.

BGP Peering: In order to use this service, you need a router running BGP. Peering is through private 16bit ASNs. After purchase, we will email you to set up the BGP peering. We have set the following communities:

ARIN=65413:1

LACNIC=65413:2

RIPE NCC=65413:3

AFRINIC =65413:4

APNIC=65413:5

In your router that is receiving the routes, you will use BGP filters to “Blackhole” all the traffic destined to those IPs. Here is an example for MikroTik routers:

 

/routing filter

add bgp-communities=65413:2 chain=BGP1_In comment=”Drop LACNIC Routes” set-route-comment=”Drop LACNIC Routes” set-type=blackhole
add bgp-communities=65413:3 chain=BGP1_In comment=”Drop RIPE NCC Routes” set-route-comment=”Drop RIPE NCC Routes” set-type=blackhole
add bgp-communities=65413:4 chain=BGP1_In comment=”Drop AFRINIC Routes” set-route-comment=”Drop AFRINIC Routes” set-type=blackhole
add bgp-communities=65413:5 chain=BGP1_In comment=”Drop APNIC Routes” set-route-comment=”Drop APNIC Routes” set-type=blackhole