nanog mailing list archives
Re: UUNet Offer New Protection Against DDoS
From: Danny McPherson <danny () tcb net>
Date: Wed, 3 Mar 2004 13:37:34 -0700
On Mar 3, 2004, at 11:24 AM, Stephen Perciballi wrote:
To the best of my knowledge, MCI/UUNET ~was~ the first to implement this. I'vebeen using it for well over a year now.
Indeed. One could even get "fancy" and set of different community sets to allow customers to drop traffic only on peering routers (as opposed to customer or all routers, etc..). The "Customer-Triggered Real Time Blackhole" tutorial that Chris, Tim and I gave in Miami talks about how to go about doing this. One step further is uRPF coupling with blackhole routing for sourced- based drops, though I suspect you probably won't want to do this with customers :-) Finally, the BGP Flow Specification stuff provides a start at a more granular BGP-based method by employing new AFI/SAFI. If you've got feedback please pass it along. http://www.tcb.net/draft-marques-idr-flow-spec-00.txt -danny
Current thread:
- Re: UUNet Offer New Protection Against DDoS, (continued)
- Re: UUNet Offer New Protection Against DDoS Deepak Jain (Mar 02)
- Re: UUNet Offer New Protection Against DDoS Paul G (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Erik Haagsman (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Paul G (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Erik Haagsman (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Deepak Jain (Mar 02)
- Re: UUNet Offer New Protection Against DDoS Randy Bush (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Stephen Perciballi (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Danny McPherson (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Rob Thomas (Mar 03)
- Re: UUNet Offer New Protection Against DDoS james (Mar 03)
- RE: UUNet Offer New Protection Against DDoS Michael Hallgren (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Stephen J. Wilcox (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Patrick W . Gilmore (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Stephen J. Wilcox (Mar 03)
- Re: UUNet Offer New Protection Against DDoS Patrick W . Gilmore (Mar 03)