nanog mailing list archives
Re: Effective ways to deal with DDoS attacks?
From: "Wojtek Zlobicki" <wojtekz () idirect com>
Date: Wed, 1 May 2002 21:58:10 -0400
Then you are pushing out /32's and peers would need to accept them. Then someone will want to blackhole /30's, /29's, etc. Route bloat. Yum!
I am in no way proposing discounting current filtering rules. There are alway two different intersts one must consider, one that of the customer and two that of the service provider. If a large block must be filtered so be it. Where are providers drawing the line ? Anyone have somewhat detailed published policies as to what a provider can do in order to protect their nework as a whole. At what point (strength of the attack) does a customers netblock (assuming a /24 for example) get null routed by whichever party.
Anyways, some providers already allow you to set a community on a route, and they will inturn "blackhole" it for you. I believe Teleglobe does this for some customers and I know UUNet does this for all customers.
When the attack is distributed, having one or two providers (even if they are UUNET or Teleglobe) is just not enough. Must private routing policy be developed in order to make my suggestion work. The reason that so many methods likely fail are the difficulty of implementation and low implementation.
Current thread:
- Re: Effective ways to deal with DDoS attacks?, (continued)
- Re: Effective ways to deal with DDoS attacks? Pete Kruckenberg (May 01)
- Re: Effective ways to deal with DDoS attacks? Sean Donelan (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Pete Kruckenberg (May 06)
- Re: Effective ways to deal with DDoS attacks? Ralph Doncaster (May 06)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 06)
- Re: Effective ways to deal with DDoS attacks? Chris Adams (May 06)
- Re: Effective ways to deal with DDoS attacks? Pete Kruckenberg (May 01)
- Re: Effective ways to deal with DDoS attacks? Wojtek Zlobicki (May 01)
- Re: Effective ways to deal with DDoS attacks? dies (May 01)
- Re: Effective ways to deal with DDoS attacks? Wojtek Zlobicki (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Re: Effective ways to deal with DDoS attacks? Basil Kruglov (May 01)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Message not available
- Forget Bernie... blitz (May 02)
- Re: Forget Bernie... Rachel K. Warren (May 02)
- RE: Forget Bernie... Eric Germann (May 02)