North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: attacking DDOS using BGP communities?

  • From: Saku Ytti
  • Date: Fri Oct 18 03:45:50 2002

On (2002-10-18 00:15 -0400), John Fraizer wrote:

> > 2) 'TTL' community.
> > 
> > -just think about the amount of route-maps :>
> 
> Whoa.  Decrementing a single community integer value while leaving others
> unchanged would seem to be a bit tricky.  This would require much more
> work on the part of others than the first suggestion and I think it would
> attract far fewer participants for that matter.

Actually would it matter if it wouldn't be additive change? Since it
would be diagnostic/special case. But of course it would be trivial for the
vendors to add support for changing the communities this way, if
this could be performed as a additive change you could offer your 
customers automaticly partial visiblity under DOS attack until it's
resolved rather than 0 visibility.

Not to mention how much it would ease pinpointing faulty/aggressive parties
thus in long run it could have very positive effect for things like proper
anti-spoofing configurations.

-- 
  ++ytti