I want to echo Randy's comment on this paragraph.
> i am confident that the folk providing third-party mitigation services
> are clever enough to figure out their own hacks around this problem, and
> we do not need to second guess what might best work for them.
Lets keep in mind that for origin validation (the work already published and in
deployment phase) we are talking about a very small use-case that runs at
"human" speed (from detection to operational services there will be human
interventions).
Some hacks mentioned on the list include:
- Education: clear procedure at the provider's website/first customer
contact that required new ROA creation with mitigation provider AS to
accelerate propagation.
- Announce the prefixes under attack maintaining the origin AS from the
original server (hack the path)
- Increase the number of direct peers. The provider may negotiate with
its peers filtering exemptions in their direct links. Particularly this is a
differentiation aspect for mitigation providers as many of them show that they
have scrambling location nearby the main botnets hubs on the web.
Roque.
_______________________________________________
sidr mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/sidr
