nanog mailing list archives
Re: automatic rtbh trigger using flow data
From: Baldur Norddahl <baldur.norddahl () gmail com>
Date: Sun, 2 Sep 2018 10:42:09 +0200
This is not true. Some of our transits do RTBH for free. For example Cogent. They will not do FlowSpec. Maybe their equipment can not do it or for some other reason. However RTBH is a simple routing hack that can be implemented on any router. The traffic is dropped right at the edge and is never transported on the transit provider network. In that sense it also protects the transit network. RTBH only for UDP would also be a very simple hack on many routers. It might not be FlowSpec, but it may have most of the benefit, in a much simplified way. Regards Baldur søn. 2. sep. 2018 02.39 skrev Ryan Hamel <Ryan.Hamel () quadranet com>:
No ISP is in the business of filtering traffic unless the client pays the hefty fee since someone still has to tank the attack. I also don’t think there is destination prefix IP filtering in flowspec, which could seriously cause problems. *From:* NANOG <nanog-bounces () nanog org> *On Behalf Of *Baldur Norddahl *Sent:* Saturday, September 01, 2018 5:18 PM *To:* nanog () nanog org *Subject:* Re: automatic rtbh trigger using flow data fre. 31. aug. 2018 17.16 skrev Hugo Slabbert <hugo () slabnet com>: I would love an upstream that accepts flowspec routes to get granular about drops and to basically push "stateless ACLs" upstream. _keeps dreaming_ We just need a signal to drop UDP for a prefix. The same as RTBH but only for UDP. This would prevent all volumetric attacks without the end user being cut off completely. Besides from some games, VPN and VoIP, they would have an almost completely normal internet experience. DNS would go through the ISP servers and only be affected if the user is using a third party service. Regards Baldur
Current thread:
- Re: automatic rtbh trigger using flow data Baldur Norddahl (Sep 01)
- RE: automatic rtbh trigger using flow data Ryan Hamel (Sep 01)
- Re: automatic rtbh trigger using flow data Hugo Slabbert (Sep 01)
- RE: automatic rtbh trigger using flow data Michel Py (Sep 01)
- Re: automatic rtbh trigger using flow data Baldur Norddahl (Sep 02)
- RE: automatic rtbh trigger using flow data Ryan Hamel (Sep 02)
- Re: automatic rtbh trigger using flow data Baldur Norddahl (Sep 02)
- RE: automatic rtbh trigger using flow data Ryan Hamel (Sep 01)
- <Possible follow-ups>
- Re: automatic rtbh trigger using flow data Roland Dobbins (Sep 01)
- Re: automatic rtbh trigger using flow data Roland Dobbins (Sep 01)
- Re: automatic rtbh trigger using flow data Roland Dobbins (Sep 01)
- Re: automatic rtbh trigger using flow data Hugo Slabbert (Sep 01)
- Re: automatic rtbh trigger using flow data Paweł Małachowski (Sep 04)
- Re: automatic rtbh trigger using flow data H I Baysal (Sep 06)