nanog mailing list archives
Re: Attacks on BGP Routing Ranges
From: Jon Lewis <jlewis () lewis org>
Date: Wed, 18 Apr 2018 07:39:19 -0400 (EDT)
On Wed, 18 Apr 2018, Ryan Hamel wrote:
c) do run BGP with GTSM, so you can drop BGP packets with lower TTL than 255Could you explain how this can resolve my issue? I am not sure how this would work.
If the issue is flooding to your interface IP, that's not a relevant countermeasure. You're pretty much limited to asking the upstream to filter traffic to your interface IP, or asking them if you can renumber the interface into non-globally-routed IPs. If they're unwilling to do either, "you've chosen the wrong transit provider" and should start shopping for replacements.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
| therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Job Snijders (Apr 18)
- Re: Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Saku Ytti (Apr 18)
- Re: Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Jon Lewis (Apr 18)
- Re: Attacks on BGP Routing Ranges Saku Ytti (Apr 18)
- Re: Attacks on BGP Routing Ranges William Herrin (Apr 18)
- Re: Attacks on BGP Routing Ranges Roland Dobbins (Apr 18)
- Re: Attacks on BGP Routing Ranges Jean | ddostest.me via NANOG (Apr 19)
- Re: Attacks on BGP Routing Ranges Ryan Hamel (Apr 18)
- Re: Attacks on BGP Routing Ranges Job Snijders (Apr 18)
- RE: Attacks on BGP Routing Ranges Nikos Leontsinis (Apr 19)