Upstreams that don't support black holes either learn to or have full pipes.
----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP ----- Original Message ----- From: "That One Guy /sarcasm" <[email protected]> To: [email protected] Sent: Wednesday, June 22, 2016 9:59:47 AM Subject: Re: [AFMUG] Mikrotik BGP Blackhole Community is this for a single ip? our upstream thats actually communicating said they dont support blackhole community, the other i assume wont either is this stating you can trigger at cogent even though not peered with them directly? On Wed, Jun 22, 2016 at 9:51 AM, Justin Wilson < [email protected] > wrote: BlackHole server The Blackhole server allows customers under a DDOS attack to send all traffic to the IP address under attack to null route. To request configuration on the blackhole server: Log into eCogent and click on BGP request. You will need the following information: 1. Order Number. 2. An IP address from your network with which we will peer. 3. A password (all blackhole server sessions are password protected). All North American and Asia Pacific Customers will peer with: IPv4: 66.28.8.2 and IPv6: 2001:550:0:1000::421c:802 All European Customers will peer with: IPv4: 130.117.20.2 and IPv6: 2001:550:0:1000::8275:1402 Once your session to the blackhole server has been established, any network you announce to it will be stopped at our borders. Please note that Cogent does not warrant or guarantee that use of the blackhole server will mitigate, or minimize any effects of a DDOS attack nor does Cogent guarantee that a session to the blackhole server can be established on a timely basis. You are limited to announcing 50 prefixes to our blackhole server. If you anticipate needing to announce more, relay that request to our Customer Support department along with the technical justification for an increase in the number of prefixes to be announced. Justin Wilson [email protected] --- http://www.mtin.net Owner/CEO xISP Solutions- Consulting – Data Centers - Bandwidth http://www.midwest-ix.com COO/Chairman Internet Exchange - Peering - Distributed Fabric <blockquote> On Jun 22, 2016, at 10:37 AM, Kurt Fankhauser < [email protected] > wrote: Really? Mikrotik can automatically trigger a blackhole IP with Cogent? I have had to call Cogent to get IP's blacklisted previously. On Wed, Jun 22, 2016 at 10:15 AM, Justin Wilson < [email protected] > wrote: <blockquote> San example with Cogent: add in - filter = cogent - blackhole - in multihop = yes name = Cogent - BlackHole out - filter = cogent - blackhole - out remote - address = 130.117 . 20.1 remote - as = 174 tcp - md5 - key =< my - md5 - key > ttl = default update - source =< interface - facing - cogent - or - ip - that - was - sent - to - Cogent > Justin Wilson [email protected] --- http://www.mtin.net Owner/CEO xISP Solutions- Consulting – Data Centers - Bandwidth http://www.midwest-ix.com COO/Chairman Internet Exchange - Peering - Distributed Fabric <blockquote> On Jun 20, 2016, at 7:35 PM, Matt < [email protected] > wrote: Has anyone used BGP and Remote-Triggered BlackHole with Mikrotik to help deal with DOS attacks? Any examples of getting it too work with Mikrotik? </blockquote> </blockquote> </blockquote> -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
