Turns out the apply-group isn't working for v6 rules.
ATAC made me replicate the same rule directly under routing-options and
inet6flow.0 appeared and I can see my rule populated now.
FYI I'm running vRR 20.4R1-S1.2
On Sun, May 23, 2021 at 4:55 AM Zbyněk Pospíchal
wrote:
> Hi Eric,
>
> with
Hi,
I just configured this a few days ago on a mx960 running 18.4R3.
This was traffic redirection into a routing-instances so i do not know
if it matches your setup.
But i can confirm that it is working in my setup.
Regards
Trond
Hello,
I've been fiddling with JunOS to enable Flowspec
Hi Eric,
with no v6 fs rules, the table inet6flow.0 stay hidden. Try to make any.
--
S pozdravem/Best Regards,
Zbyněk
Dne 21.05.21 v 20:10 Eric Dugas via NANOG napsal(a):
> Hello,
>
> I've been fiddling with JunOS to enable Flowspec IPv6. According to the
> docs, it was implemented in 16.x.
To: Colton Conor
Cc: NANOG
Subject: [EXTERNAL] Re: FlowSpec
On 2020-04-23 18:13, Colton Conor wrote:
> Do any of the large transit providers support FlowSpec to transit
> customers / other carriers, or is that not a thing since they want to
> sell DDoS protection services? FlowSpec sounds mu
On 2020-04-23 19:12, Roland Dobbins wrote:
On 23 Apr 2020, at 22:57, Denys Fedoryshchenko wrote:
In general operators don't like flowspec
Its increasing popularity tens to belie this assertion.
Yes, you're right that avoiding overflowing the TCAM is very
important. But as Rich notes, a
On 23 Apr 2020, at 22:57, Denys Fedoryshchenko wrote:
In general operators don't like flowspec
Its increasing popularity tens to belie this assertion.
Yes, you're right that avoiding overflowing the TCAM is very important.
But as Rich notes, a growing number of operators are in fact
On 2020-04-23 18:13, Colton Conor wrote:
Do any of the large transit providers support FlowSpec to transit
customers / other carriers, or is that not a thing since they want to
sell DDoS protection services? FlowSpec sounds much better than RTBH
(remotely triggered blackhole), but I am not sure
On 2020-04-23 18:13, Colton Conor wrote:
Do any of the large transit providers support FlowSpec to transit
customers / other carriers, or is that not a thing since they want to
sell DDoS protection services? FlowSpec sounds much better than RTBH
(remotely triggered blackhole), but I am not sure
Hi Colton,
It is fairly common to use flowspec internally at an ISP for mitigation of DDoS
attacks. eBGP flowspec is not very common though. I know of only a couple of
ISPs that allow flowspec rules to be advertised by their customers. The
biggest issue with this is that other providers are
-IX
http://www.midwest-ix.com
- Original Message -
From: "Josh Reynolds" <j...@kyneticwifi.com>
To: "Mike Hammett" <na...@ics-il.net>
Cc: "NANOG" <nanog@nanog.org>
Sent: Saturday, May 28, 2016 5:41:38 PM
Subject: Re: FlowSpec Sup
There was just a recent discussion about this.
None of the big upstreams support it because they are all too busy selling
their own DDoS mitigation services :)
On May 28, 2016 5:38 PM, "Mike Hammett" wrote:
> I know support (from customers) is limited among networks. I know it
11 matches
Mail list logo