Yes, we do RTBH with 7018. You will likely need to get them to adjust their prefix filters and allow you to announce a /32.
Here is some information: Remote-Triggered BlackHole (RTBH) Routing. AT&T's as7018 network in the USA now supports Remote-Triggered BlackHole Routing, or RTBH. Customers receiving a high volume of denial-of-service (DoS) attack traffic destined to certain of their IPs may prefer to have the AT&T network discard all traffic destined for those IPs. With RTBH, customers may cause the AT&T network to discard all traffic towards specific portions of their IP ranges. Customers signal their request for the AT&T network to discard traffic to specific customer destinations by advertising BGP routes for the IP block(s) to be discarded with the RTBH BGP community of 7018:86. Both attack traffic and valid traffic will be discarded. Because of this fact, RTBH is sometimes viewed as completing the denial of service that the attackers had started, as it results in all traffic towards the destination under attack being discarded before reaching the ultimate destination. Customers considering using RTBH should recognize that RTBH is not a traffic scrubbing service such as AT&T's DDoS Protect Service. For further information regarding AT&T's DDoS Protect Service, interested customers should contact their AT&T sales team. Restrictions: - Customers may announce the RTBH community 7018:86 on IPv4 routes of length [ /25 - /32 ] inclusive, and on IPv6 routes of length [ /49 - /128 ] inclusive. - AT&T will reject bgp announcements with community 7018:86 for IPv4 prefixes /24 or shorter, and IPv6 prefixes /48 or shorter. - AT&T will accept RTBH announcements only for IP blocks belonging to each customer. Customers interested in utilizing RTBH should contact AT&T MIS Customer Care in advance to ensure that their route filters are configured to accept long prefixes. - The AT&T RTBH mechanism is signaled 'in-band', i.e. on the same ebgp session as a customer's other bgp routes. For customers preferring to signal RTBH routes separately from their other bgp routes, they may procure an additional MIS connection and dedicate it to the RTBH signaling. Since no traffic destined to RTBH route will flow over the customer's access link, a dedicated RTBH-only link may be sized much smaller than the customer's other link(s). On Sun, Feb 7, 2016 at 10:52 PM, TJ Trout <[email protected]> wrote: > anyone every successfully setup blackhole communities with as7018 At&t? > does such exist? > > On Sun, Feb 7, 2016 at 7:31 PM, Josh Luthman <[email protected]> > wrote: > >> Uh can't you just change the one IP? >> >> Josh Luthman >> Office: 937-552-2340 >> Direct: 937-552-2343 >> 1100 Wayne St >> Suite 1337 >> Troy, OH 45373 >> On Feb 7, 2016 10:29 PM, "TJ Trout" <[email protected]> wrote: >> >>> I've had a few DDOS over the years but not very long normally, what are >>> my options? They are attacking one of my main IP's that everything is >>> routed through, so if I null route it upstream I'm going to have to do mass >>> reconfiguration... >>> >>> Any thoughts? >>> >> >
