North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks
On Sat, 2 Oct 2004, Fergie (Paul Ferguson) wrote: > Given recent discussions on blackholing traffic, this may > be of interest. > > - ferg > > [snip] > > A new Request for Comments is now available in online RFC libraries. > > > RFC 3882 > > Title: Configuring BGP to Block Denial-of-Service Attacks > Author(s): D. Turk > Status: Informational > Date: September 2004 > Mailbox: [email protected] > Pages: 8 > Characters: 19637 > Updates/Obsoletes/SeeAlso: None > > I-D Tag: draft-turk-bgp-dos-07.txt > > URL: ftp://ftp.rfc-editor.org/in-notes/rfc3882.txt > > > This document describes an operational technique that uses BGP > communities to remotely trigger black-holing of a particular > destination network to block denial-of-service attacks. Black-holing > can be applied on a selection of routers rather than all BGP-speaking > routers in the network. The document also describes a sinkhole tunnel This tunneling is 'centertrack' which is patented... Also, tunneling is a dangerous prospect when you get very large amounts of attack traffic.