nanog mailing list archives
RE: Attacks on BGP Routing Ranges
From: Nikos Leontsinis <Nikos.Leontsinis () eu equinix com>
Date: Wed, 18 Apr 2018 13:12:29 +0000
You are not supposed to announce that range anyway as you shouldn't be announcing your infrastructure range for your protection. Ask your upstream providers not to expose that range too. There are many ways around that selective redistribution or they can just protect that range. How they do it is none of your concern and there are many ways of achieving this. In my view this should be added on a best practice rfc. I am assuming that you are using that block just for your bgp session. /nikos -----Original Message----- From: NANOG [mailto:nanog-bounces () nanog org] On Behalf Of Ryan Hamel Sent: Wednesday, April 18, 2018 11:38 AM To: nanog () nanog org Subject: Attacks on BGP Routing Ranges Hello, I wanted to poll everyones thoughts on how to deal with attacks directly on BGP peering ranges (/30's, /127's). I know that sending an RTBH for our side of the upstream routing range does not resolve the issue, and it would actually make things worse by blackholing all inbound traffic on the carrier I send the null to. What are my options for carriers that are not willing to help investigate the situation or write up a firewall rule to mitigate it on the circuit? I am not a fan of naming and shaming because it has unintended consequences. Thanks in advance for everyone's suggestions. Ryan Hamel This email is from Equinix (EMEA) B.V. or one of its associated companies in the territory from where this email has been sent. This email, and any files transmitted with it, contains information which is confidential, is solely for the use of the intended recipient and may be legally privileged. If you have received this email in error, please notify the sender and delete this email immediately. Equinix (EMEA) B.V.. Registered Office: Amstelplein 1, 1096 HA Amsterdam, The Netherlands. Registered in The Netherlands No. 57577889.
Current thread:
- Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Job Snijders (Apr 18)
- Re: Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Saku Ytti (Apr 18)
- Re: Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Jon Lewis (Apr 18)
- Re: Attacks on BGP Routing Ranges Saku Ytti (Apr 18)
- Re: Attacks on BGP Routing Ranges William Herrin (Apr 18)
- Re: Attacks on BGP Routing Ranges Roland Dobbins (Apr 18)
- Re: Attacks on BGP Routing Ranges Jean | ddostest.me via NANOG (Apr 19)
- Re: Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Job Snijders (Apr 18)
- RE: Attacks on BGP Routing Ranges Nikos Leontsinis (Apr 19)