nanog mailing list archives

Re: DDoS attack

From: Saku Ytti <saku () ytti fi>
Date: Tue, 10 Dec 2019 19:31:41 +0200

On Tue, 10 Dec 2019 at 19:08, Aaron Gould <aaron1 () gvtc com> wrote:

- policers of well-known *good* ports/protocols (like ntp, dns, etc) to some realistic level


You might want to downpref these to a scavanger class, instead of
police. Since ultimately policing makes it just easier to ddos the
service, which is actually needed.

-- 
  ++ytti

Current thread:

Re: DDoS attack, (continued)
- - - Re: DDoS attack Töma Gavrichenkov (Dec 09)
    - Re: DDoS attack Brandon Martin (Dec 09)
    - Re: DDoS attack Sabri Berisha (Dec 09)
    - Re: DDoS attack Mark Tinka (Dec 09)
    - Re: DDoS attack Töma Gavrichenkov (Dec 10)
- Re: DDoS attack Jean | ddostest.me via NANOG (Dec 09)
- Re: DDoS attack Randy Bush (Dec 09)
- Re: DDoS attack william manning (Dec 09)
- RE: DDoS attack Paul Amaral via NANOG (Dec 10)
  - RE: DDoS attack Aaron Gould (Dec 10)
    - Re: DDoS attack Saku Ytti (Dec 10)
    - RE: [EXTERNAL] RE: DDoS attack Nikos Leontsinis (Dec 10)
    - RE: [EXTERNAL] RE: DDoS attack Paul Amaral via NANOG (Dec 10)
- Re: DDoS attack Christopher Morrow (Dec 09)
  - Message not available
    - Re: DDoS attack Christopher Morrow (Dec 09)