[18961] in North American Network Operators' Group
Re: spare swamp space?
daemon@ATHENA.MIT.EDU (Brandon Ross)
Mon Aug 24 11:34:57 1998
Date: Thu, 20 Aug 1998 17:25:43 -0400 (EDT)
From: Brandon Ross <bross@mindspring.net>
To: nanog@merit.edu
In-Reply-To: <199808192251.XAA29055@diamond.xara.net>
On Wed, 19 Aug 1998, Alex Bligh wrote:
> Yeah, if you discard at the end of your upstream provider's link, then
> that link will get saturated if you are smurfed enough. Last time we
> had a really bad one, we were looking at 6-10Mb/s which was not enough
> to saturate transit DS-3s, but enough to saturate a few bits of internal
> network (us international providers have the odd small line here and
> there). Obviously the further upstream you put it the better.
See that's the beauty of using either the swamp space or, if I have to and
can negotiate it, private space. The echo-replies get dropped right at
their source since there's no route back to me.
> One of the problems here is lack of interest from peers and upstreams. If
> you catch their interest at sales time rather than at abuse time
> (i.e. you configure something similar into their router on setup),
> that would be optimal.
This is exactly what I'm doing going forward with new external
connectivity. One of the questions I will have of all future transit
negotiations will be to ask if they are willing to trace spoofed traffic
and to ask if they will commit to a reasonable turnaround time to get
their customer's amplifying networks fixed once reported.
Brandon Ross Network Engineering 404-815-0770 800-719-4664
Director, Network Engineering, MindSpring Ent., Inc. info@mindspring.com
ICQ: 2269442
Stop Smurf attacks! Configure your router interfaces to block directed
broadcasts. See http://www.quadrunner.com/~chuegen/smurf.cgi for details.
