nanog mailing list archives
Re: What were we saying about edge filtering?
From: bdragon () gweep net
Date: Mon, 8 Sep 2003 22:37:18 -0400 (EDT)
keep in mind its not destination addresses that are the problem here, BUT if it was, on an experiment (not a very smart one) we routed 0/1 to a lab system inside 701 once in 2001 (as I recall, so before nimda/code-red/blaster) and recieved +600kpps of garbage traffic as a result. Trying to acl/analyze/deal-with that flow was almost impossible... I'm not sure what you want to do with it today when our 'sinkhole' network is consistently handling +20kpps (5x previous) MORE of random garbage than 3 weeks ago, before blaster/nachi started to cause more pain :(
Just think, if you used loose uRPF, you wouldn't need to carry that traffic to your sinkhole network, even you win.
Current thread:
- RE: What were we saying about edge filtering?, (continued)
- RE: What were we saying about edge filtering? Terry Baranski (Sep 06)
- Re: What were we saying about edge filtering? Petri Helenius (Sep 07)
- Re: What were we saying about edge filtering? Petri Helenius (Sep 04)
- Re: What were we saying about edge filtering? Jack Bates (Sep 04)
- Re: What were we saying about edge filtering? bdragon (Sep 08)
- Re: What were we saying about edge filtering? Owen DeLong (Sep 04)
- Re: What were we saying about edge filtering? Iljitsch van Beijnum (Sep 05)
- Re: What were we saying about edge filtering? Jack Bates (Sep 06)
- Re: What were we saying about edge filtering? Sean Donelan (Sep 06)
- Re: What were we saying about edge filtering? bdragon (Sep 08)
- Re: What were we saying about edge filtering? Sean Donelan (Sep 08)
- Re: What were we saying about edge filtering? bdragon (Sep 12)