nanog mailing list archives
Re: DDOS, IDS, RTBH, and Rate limiting
From: joel jaeggli <joelja () bogus com>
Date: Sat, 08 Nov 2014 21:22:05 -0800
On 11/8/14 6:28 PM, Roland Dobbins wrote:
> On 9 Nov 2014, at 8:59, Frank Bulk wrote:
>
>> I've written it before: if there was a software feature in routers where I could specify the maximum rate any prefix size (up to /32) could receive, that would be very helpful.
>
> QoS generally isn't a suitable mechanism for DDoS mitigation, as the programmatically-generated attack traffic ends up 'crowding out' legitimate traffic.

if you can identify attack traffic well enough to police it reliably then you can also drop it on the floor.

> S/RTBH, flowspec, and other methods tend to produce better results.

yup.

> -----------------------------------
> Roland Dobbins <rdobbins () arbor net>