Re: DDoS mitigation for ISPs

[Job Snijders <job () instituut net>]

On Thu, Oct 29, 2015 at 08:42:31AM -0700, Mike wrote:
>  Is there any DDoS mitigation service provider that can scrub traffic
>  for an ISP network?

Yeah, plenty. A non-exhaustive list: Prolexic, Incapsula, Staminus or
Nexusguard. There is no lack of choice.

> I have an ASN and BGP and my own netblocks, and I have a 1gbps pipe. I
> was thinking the scenario would be during attack, we could bring up a
> tunnel and run bgp over it and advertise some portion of our ip space
> thru it. I realise getting it setup while attack is taking place would
> be a little hard and that we likely could expect at least some down
> time.

It is more common to set up the GRE tunnel before hand, and just send
out the BGP announcement of the /24 when an IP within that /24 is under
attack.

Kind regards,

Job