Blackhole for DDoS mitigation

Andre Nathan andre at digirati.com.br
Mon Dec 30 13:56:25 CET 2013


Hi Michael,

On 12/30/2013 10:17 AM, Michael Hallgren wrote:
> I suggest you get in touch with your upstreams networks (providers),
> asking them to drop that traffic at their edge. Better than the call NOC
> approach, they may provide you means to signal this for example by
> using BGP community values. (Further down the road, they may provide
> more fine grained means. You know the nature of the attack? And you
> may want to look into local ways of more service specific protection.
> However, as a first step you need to clear out congestion of your
> upstreams links.)

Yes, I'll contact them and see if they implement RFC3882. I'm not
currently under attack, but in the past using a simple iptables rule on
the router has proved effective to at least get the rest of my network
up again. I'm just trying to achieve the same from Bird now, hence the
blackhole routes.

Cheers,
Andre

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20131230/7720e63f/attachment-0001.asc>


More information about the Bird-users mailing list