nanog mailing list archives

Re: Over a decade of DDOS--any progress yet?

From: Thomas Mangin <thomas.mangin () exa-networks co uk>
Date: Wed, 8 Dec 2010 15:36:42 +0000

On 8 Dec 2010, at 15:12, Dobbins, Roland wrote:


On Dec 8, 2010, at 10:10 PM, Thomas Mangin wrote:

Until this is sorted I believe flowspec will be a marginal solution.


We're seeing a significant uptick in flowspec interest, actually, and S/RTBH has been around for ages.


Great to hear :)

But my point is still valid, Flowspec is great if you are are a backbone and are performing the filtering, or if you 
want to filter outgoing traffic. If you are a smaller network, you need the filtering to be performed by your transit 
provider, as your uplink will otherwise be congested. So I will stand by my comment that flowspec would see a bigger 
uptake if T1 could accept the flowspec routes, which they will only do once they can filter them (to insure correctness 
and resource protection).

Thomas

PS : Someone need to add IPv6 support to the RFC :p

Current thread:

Re: Over a decade of DDOS--any progress yet?, (continued)
- - - Re: Over a decade of DDOS--any progress yet? Lamar Owen (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Rich Kulawiec (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Matthew Petach (Dec 09)
    - Re: Over a decade of DDOS--any progress yet? Valdis . Kletnieks (Dec 09)
- Re: Over a decade of DDOS--any progress yet? alvaro.sanchez () adinet com uy (Dec 08)
  - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? jim deleskie (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Joel Jaeggli (Dec 14)
  - Re: Over a decade of DDOS--any progress yet? Thomas Mangin (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Thomas Mangin (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jeffrey Lyon (Dec 08)
    - Re: Over a decade of DDOS--any progress yet? Jack Bates (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Randy McAnally (Dec 08)
    - RE: Over a decade of DDOS--any progress yet? Drew Weaver (Dec 10)
    - Re: Over a decade of DDOS--any progress yet? Dobbins, Roland (Dec 08)

(Thread continues...)