nanog mailing list archives
Re: Effective ways to deal with DDoS attacks?
From: "Christopher L. Morrow" <chris () UU NET>
Date: Sun, 5 May 2002 03:34:47 +0000 (GMT)
On Sat, 4 May 2002, Stephen Griffin wrote:
In the referenced message, Iljitsch van Beijnum said:On Fri, 3 May 2002, Stephen Griffin wrote: For multihomed customers, these sets of prefixes should be identical, just like with single homed customers. The only time when those sets of prefixes is NOT the same is for a backup connection. But if a connection is a pure backup for incoming traffic, it's reasonable to assume it's a pure backup for outgoing traffic as well, so as long as the backup is dormant, you don't see any traffic so no uRPF problems.Not always the case, customer behaviour can not be accurately modeled.
I was hoping someone else might mention this, BUT what about the case of customers providing transit for outbound but not inbound traffic for their customers? We have many, many cases of customers that are 'default routing' for their customers that get inbound traffic down alternate customers or peers or wherever... uRPF seems like a not so good solution for these instances :( especially since some of these are our worst abusers :( -Chris
Current thread:
- Re: /31 mask address, (continued)
- Re: /31 mask address Simon Lockhart (May 03)
- Re: /31 mask address Andre Chapuis (May 03)
- Re: /31 mask address Simon Lockhart (May 03)
- Re: /31 mask address Robert E. Seastrom (May 03)
- Re: /31 mask address Manolo Hernandez (May 03)
- Re: /31 mask address Andre Chapuis (May 03)
- Re: /31 mask address JAKO Andras (May 06)
- Re: /31 mask address Simon Lockhart (May 06)
- Re: /31 mask address Miguel Mata-Cardona (May 03)
- Re: Effective ways to deal with DDoS attacks? Stephen Griffin (May 04)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 04)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 05)
- RE: Effective ways to deal with DDoS attacks? Barry Raveendran Greene (May 05)
- unicast RPF for peers viable? Iljitsch van Beijnum (May 05)
- Re: unicast RPF for peers viable? Richard A Steenbergen (May 05)
- RE: unicast RPF for peers viable? Barry Raveendran Greene (May 05)
- uRPF Loose Check Mode vs. ACL Livio Ricciulli (May 05)
- Re: uRPF Loose Check Mode vs. ACL Richard A Steenbergen (May 05)
- Re: uRPF Loose Check Mode vs. ACL Livio Ricciulli (May 05)
- Re: uRPF Loose Check Mode vs. ACL Richard A Steenbergen (May 05)
- Re: uRPF Loose Check Mode vs. ACL Valdis . Kletnieks (May 05)