If you can impose a limit on the amount of flowspec rules the customer can send
you (I assume you are the Service provider) where is the problem
with offering flowspec services? Seems more of a vendor challenge.
The tcam issue is relatively addressed with proper dimensioning (throw money to
You can get the bogon prefixes from Cymru and defend your network using them in
combination with rpf
The key with the attacks dos or ddos is to have proper telemetry (streaming
telemetry not polling telemetry)
and baselines without this information you run the danger of blocking good
traffic.
Agree
> On 4 Aug 2019, at 18:50, Fred Baker wrote:
>
> Between overlaid ads and the thing trying to force an account, i’d Describe
> it as a waste of time. Now, a page that delivered the data advertised...
>
> Sent using a machine that autocorrects in interesting ways...
>
>> On Aug 3,
I heard that before...
-Original Message-
From: Vincent Bernat
Sent: Monday, February 4, 2019 9:48 AM
To: i3D.net - Martijn Schmidt
Cc: Nikos Leontsinis ; Paul S.
; nanog@nanog.org
Subject: Re: [EXTERNAL] Re: RTBH no_export
❦ 4 février 2019 09:01 +00, i3D.net - Martijn Schmidt
This is a 20+ year old solution. Ugly because you will block good traffic and
on your effort to protect your network you will block legitimate traffic too
(satisfying the attacker) but most upstream providers
will give you a community to use (Cogent is a notable exception) and tag the
prefix
There is a fundamental product limitation. CoS on Cascade port for MX is not
officially supported as well QFX acting as AD.
I agree with those who perceive all these approaches as proprietary lock-in
(disguised as cheap).
From: NANOG On Behalf Of Vincentz Petzholtz
Sent: Wednesday, December
You are not supposed to announce that range anyway as you shouldn't be
announcing your infrastructure range for your protection. Ask your upstream
providers not to expose that range too.
There are many ways around that selective redistribution or they can just
protect that range. How they do
of RPKI.
>
>
>
> Rich Compton | Principal Eng | 314.596.2828
> 14810 Grasslands Dr,Englewood, CO80112
>
>
>
>
>
>
> On 5/2/17, 6:27 AM, "NANOG on behalf of Job Snijders"
> <nanog-boun...@nanog.org on behalf of j...@ntt.net> wrote:
>
it only proves the need for wider RPKI adoption
On 2 May 2017 at 06:49, wrote:
> I didn't see any mention of this here. Any comments?
>
> "On Wednesday, large chunks of network traffic belonging to MasterCard, Visa,
> and more than two dozen other financial
9 matches
Mail list logo