nanog mailing list archives
Re: engineering --> ddos and flooding
From: Mark Mentovai <mark-list () mentovai com>
Date: Fri, 1 Jun 2001 14:36:49 -0400 (EDT)
Walter Prue wrote:
I came up with a solution for networks with ISP connections to deal quickly with DDOS attacks without having to be able to work with a network technician at the ISP for immediate relief. If the ISP agrees, install a second low speed connection to the same router your primary router BGP peers with. Through this low speed connection you run a second bgp session advertising the /32 that is being attacked by the DDOS. You mark the /32 as NO-ADVERTISE so the route doesn't leave the border router.
Or, without adding an extra connection, negotiate a NULLROUTE community with your upstream provider. This would be a wonderful addition to the well-known BGP communities. I'll bring this up on IDR. Mark
Current thread:
- Re: engineering --> ddos and flooding Dan Foster (Jun 01)
- <Possible follow-ups>
- Re: engineering --> ddos and flooding Jim Shankland (Jun 01)
- Re: engineering --> ddos and flooding Walter Prue (Jun 01)
- Re: engineering --> ddos and flooding lucifer (Jun 01)
- Re: engineering --> ddos and flooding Bill Woodcock (Jun 01)
- Re: engineering --> ddos and flooding Geoff Zinderdine (Jun 01)
- Re: engineering --> ddos and flooding Mark Mentovai (Jun 01)
- Re: engineering --> ddos and flooding Geoff Zinderdine (Jun 01)
- Re: engineering --> ddos and flooding Christopher A. Woodfield (Jun 01)
- Re: engineering --> ddos and flooding Mark Mentovai (Jun 01)
- Re: engineering --> ddos and flooding lucifer (Jun 01)
- Re: engineering --> ddos and flooding Hank Nussbacher (Jun 03)
- Re: engineering --> ddos and flooding Geoff Zinderdine (Jun 04)
- Re: engineering --> ddos and flooding Mark Mentovai (Jun 04)
- Re: engineering --> ddos and flooding Valdis . Kletnieks (Jun 04)
- Re: engineering --> ddos and flooding Dan Hollis (Jun 04)
- RE: engineering --> ddos and flooding Hank Nussbacher (Jun 04)