> Here the problem is "for longer defensive prefixes" > For example in normal situation I advertise /32 to my ip transit providers. > When DDoS happens then one of my providers will start advertisin 1x/48 > of my /32 prefix to hi-jack the route from us and filter it.
i did not say that your provider advertised, did i? >> By doing this the internet will always (also under normal >> circumstances) prefer that one provider. >> >> 0 - register irr and rpki objects for aggregates and for longer >> defensive prefixes >> >> 1 - announce only aggregates to both providers >> >> 2 - when ddosed, >> - do not change announcement of aggregate to non-mediating >> - deaggregate announcement to mediating provider >> >> 3 - when ddos ends, return to state 1 randy -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/db-wg
