|
Thread Index Re: [isp-bgp] Suggested solution to prevent my prefixes from being suppressed (fwd)
On (21/10/04 23:43), mmostafa@... wrote:
> We are suffering from a sequence of DDOS attacks targeting our ips ,
> causing one of the two running BGP sessions with our international provider
> to flap 3 or 4 times each time we are subjected to such attacks that
> results in a massive degradation in our downstream traffic due to route
> flap damping .
is the dos against your router? is your link being saturated to the
point that your bgp keepalives are being dropped? router cpu not
able to keep up with the load?
> 1-we advertise 3 ip blocks to our international ISP through both links , i
> will break each block into 2 more specific contigouse components , hence my
> international ISP edge routers will have 2 copies of 6 more specific
> compnents with diffrent LP , then i will ask my ISP to aggregate them back
> to the original 3 bloocks and suppress more specific components plus
> keeping the AS path information as its in form of AS-SET .
if your provider is going to generate an aggregate and announce it,
then you could be blackholing your traffic if your links are
dropping and they don't have the specifics to route back to you...
i would look into rate-limiting and/or filtering of the dos-related
traffic and keep your bgp setup simple.
my $0.02
/joshua
--
witty dot.sig goes here
_____________________________________________________
** ISPCON Fall 2004 - Santa Clara Convention Center **
** The ISP and WISP event - http://www.ispcon.com **
** Fill your brain. Meet the people. Join the industry gathering. **
________________________________________________________
To unsubscribe via postal mail, please contact us at:
Jupitermedia Corp.
Attn: Discussion List Management
475 Park Avenue South
New York, NY 10016
Please include the email address which you have been contacted with.
<- Previous Message | Next Message -> Thread Index |
|
