Why would a "tier 1" (I hate that outdated term) transit provider ever null-route an IP that's not in their block nor in a customer's block? I haven't heard of them doing that. That would be a very shady thing to do.
Transit providers will null route traffic that's inbound to you if you request it. This lets you stop the traffic at their core, instead of overwhelming your edge gear.
You are the customer after all; you have a say in what traffic makes it to your edge from your upstream provider.
He was referring to being nullrouted by transit providers that he's not a customer of. Short of something like a replay of the Morris worm, I can't see that happening.
Transit providers get paid to provide transit. They don't filter traffic that isn't bound for their customers.
No, they don't. Transit providers acting in a pure transit manner do not null route destination networks that they're not responsible for. Provider B, providing transit from AS A to AS C, will not block traffic bound for C or beyond. They might block some things bound for AS B or a customer of AS B, but they're not acting in a pure transit capacity there.
Content and eyeball networks are free to do whatever they want with regards to routing and blocking. Transit providers? No, they just provide transit. That's the business they want to be in. They're not in the blocking business.
Thanks for the NANOG tip though. I'm a member and active participant. See you in Seattle.
The main NANOG threads are about detecting the NTP traffic and blocking malicious requests in content and eyeball networks -- not transit. There's also the OpenNTP project discussion -- http://openntpproject.org/
I'm sorry I used a term you don't like -- let's get past that though -- What about if the customer you speak of is the DDoS mitigation service?
Even without doing this though, if they remove a BGP route and other ISPs cannot route through them, that's a problem for whoever lives at the destination AS number.
I'm really confused here. Why would a DDoS mitigation service announce routes for a network they don't serve for a customer? That would simply be an old-fashioned BGP hijacking.
Transit providers don't simply send traffic to Prolexic and Defense.net because they think they should. They send traffic there for routes that the mitigators are announcing. They'll only announce client routes (and only when clients announce to the mitigators).
You are the customer after all; you have a say in what traffic makes it to your edge from your upstream provider.