nanog mailing list archives
Re: TWC (AS11351) blocking all NTP?
From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Mon, 3 Feb 2014 19:19:55 +0000
On Feb 4, 2014, at 12:42 AM, Peter Phaal <peter.phaal () gmail com> wrote:
Real-time analytics based on measurements from switches/routers (sFlow/PSAMP/IPFIX) can identify large UDP flows and integrated hybrid OpenFlow, I2RS, REST, NETCONF APIs, etc. can be used to program the switches/routers to selectively filter traffic based on UDP port and IP source / destination. By deploying a DDoS mitigation SDN application, providers can use their existing infrastructure to protect their own and their customers networks from flood attacks, and generate additional revenue by delivering flood protection as a value added service.
This is certainly a general capability set towards which many operators are evolving (and it's always amusing how you leave out NetFlow, which many operators use, but include sFlow, which very few operators use, heh), but it's going to be quite some time before this sort of thing is practical and widely-deployale. Believe me, I've been working towards this vision for many years. It isn't going to happen overnight.
Specifically looking at sFlow, large flood attacks can be detected within a second.
And with NetFlow, and with IPFIX - the first of which is widely deployed today, and the second of which will be widely deployed in future. ----------------------------------------------------------------------- Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton
Current thread:
- Re: TWC (AS11351) blocking all NTP?, (continued)
- Re: TWC (AS11351) blocking all NTP? Glen Turner (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Christopher Morrow (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Jay Ashworth (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Peter Phaal (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Christopher Morrow (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Laszlo Hanyecz (Feb 04)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Christopher Morrow (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Laszlo Hanyecz (Feb 04)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Dobbins, Roland (Feb 03)
- Re: TWC (AS11351) blocking all NTP? Stephane Bortzmeyer (Feb 03)
- BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Paul Ferguson (Feb 03)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Cb B (Feb 03)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Jay Ashworth (Feb 03)
- Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] jamie rishaw (Feb 06)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Jared Mauch (Feb 04)
- Re: TWC (AS11351) blocking all NTP? William Herrin (Feb 04)
- Re: TWC (AS11351) blocking all NTP? Jared Mauch (Feb 04)
- BCP38 [Was: Re: TWC (AS11351) blocking all NTP?] Paul Ferguson (Feb 04)