nanog mailing list archives

Re: FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks

From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Sat, 02 Oct 2004 00:52:17 +0000 (GMT)



On Sat, 2 Oct 2004, Fergie (Paul Ferguson) wrote:

Given recent discussions on blackholing traffic, this may
be of interest.

- ferg

[snip]

A new Request for Comments is now available in online RFC libraries.


        RFC 3882

        Title:      Configuring BGP to Block Denial-of-Service Attacks
        Author(s):  D. Turk
        Status:     Informational
        Date:       September 2004
        Mailbox:    doughan.turk () bell ca
        Pages:      8
        Characters: 19637
        Updates/Obsoletes/SeeAlso:    None

        I-D Tag:    draft-turk-bgp-dos-07.txt

        URL:        ftp://ftp.rfc-editor.org/in-notes/rfc3882.txt


This document describes an operational technique that uses BGP
communities to remotely trigger black-holing of a particular
destination network to block denial-of-service attacks.  Black-holing
can be applied on a selection of routers rather than all BGP-speaking
routers in the network.  The document also describes a sinkhole tunnel


This tunneling is 'centertrack' which is patented... Also, tunneling is a
dangerous prospect when you get very large amounts of attack traffic.

Current thread:

FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks Fergie (Paul Ferguson) (Oct 01)
- Re: FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks Christopher L. Morrow (Oct 01)
  - Re: FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks Christopher L. Morrow (Oct 01)