nanog mailing list archives
Re: Effective ways to deal with DDoS attacks?
From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Thu, 2 May 2002 19:08:35 +0200 (CEST)
On Thu, 2 May 2002, Christopher L. Morrow wrote:
Congrats on re-inventing the wheel :( This is what mazuu/arbor/wanwall(riverhead now?) all do... this is also the way CenterTrack(tm robert stone) was kind of supposed to work.
Thanks for the kind works. Just to be clear: I'm not working on a _product_, just on a paper explaining how to do this using standard components and protocols.
As near as I can tell this doesn't scale too well in a large network.
If you have a router that can forward 10 Gbps into the right direction, you can also have a router forward 10 Gbps in the wrong direction. That's pretty much all it takes.
This is a shame, but its a reality. Additionally 20k sources max? that's not nearly enough, how many addresses are in 0/0 ? you should atleast plan for this contingency...
The idea is to use unicast RPF. So you're only limited by the number of routes a Cisco can hold. 20k per customer under attack should be doable without too much effort, more should be possible, but filtering 0/0 defeats the purpose. Also, it can be done using a single line, so no problem there.
Current thread:
- Re: Effective ways to deal with DDoS attacks?, (continued)
- Re: Effective ways to deal with DDoS attacks? Vincent Gillet (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? measl (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 01)
- Message not available
- Re: Effective ways to deal with DDoS attacks? Hank Nussbacher (May 02)
- Re: Effective ways to deal with DDoS attacks? Scott Francis (May 02)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 02)
- Re: Effective ways to deal with DDoS attacks? Avleen Vig (May 02)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 02)
- Re: Effective ways to deal with DDoS attacks? Christopher L. Morrow (May 02)
- Re: Effective ways to deal with DDoS attacks? Iljitsch van Beijnum (May 02)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 04)
- Re: Effective ways to deal with DDoS attacks? Avleen Vig (May 02)
- Re: Effective ways to deal with DDoS attacks? Kurt Erik Lindqvist (May 06)
- RE: Effective ways to deal with DDoS attacks? LeBlanc, Jason (May 02)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)
- Re: Effective ways to deal with DDoS attacks? Hank Nussbacher (May 02)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)
- Re: Effective ways to deal with DDoS attacks? E.B. Dreger (May 02)
- Re: Effective ways to deal with DDoS attacks? E.B. Dreger (May 02)
- Re: Effective ways to deal with DDoS attacks? Richard A Steenbergen (May 02)
- Re: Effective ways to deal with DDoS attacks? Rubens Kuhl Jr. (May 03)