[190856] in North American Network Operators' Group
Re: Cloudflare, dirty networks and politricks
daemon@ATHENA.MIT.EDU (Ca By)
Thu Jul 28 20:34:45 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <28E6FC71-F6FF-49B9-B861-3B573372594F@f5.com>
From: Ca By <cb.list6@gmail.com>
Date: Thu, 28 Jul 2016 17:34:39 -0700
To: Donn Lasher <D.Lasher@f5.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Thursday, July 28, 2016, Donn Lasher via NANOG <nanog@nanog.org> wrote:
> On 7/28/16, 10:17 AM, "NANOG on behalf of J. Oquendo" <
> nanog-bounces@nanog.org <javascript:;> on behalf of joquendo@e-fensive.ne=
t
> <javascript:;>> wrote:
>
>
> >While many are chanting: #NetworkLivesMatter, I have yet
> >to see, read, or hear about any network provider being
> >the first to set precedence by either de-peering, or
> >blocking traffic from Cloudflare. There is a lot of
> >keyboard posturing: "I am mad and I am not going to take
> >it anymore" hooplah but no one is lifting a finger to
> >do anything other than regurgitate "I am mad... This is
> >criminal."
>
> (long discussion, was waiting for a place to jump in..)
>
> If we want to be accurate about it, Cloudflare doesn=E2=80=99t host the D=
DoS, they
> protect the website of seller of the product. We shouldn=E2=80=99t be de-=
peering
> Cloud Flare over sites they protect any more than we would de-peer GoDadd=
y
> over sites they host, some of which, no doubt, sell gray/black
> market/illegal items/services.
>
> If, on the other hand, you can find a specific network actually
> generating the volumes of DDoS, you should have a conversation about
> de-peering=E2=80=A6.
>
> $0.02=E2=80=A6
>
>
>
Agreed. Cloudflare is just the messenger
The ddos is coming from your ssdp, dns, and ntp servers. Not Cloudflare.
I see a lot of ddos traffic.
It is always udp
Comcast took a huge step in stemming the ssdp problem in their network,
http://labs.comcast.com/preventing-ssdp-abuse
Thanks Comcast!
But they still host tens of thousands, perhaps more, open dns resolvers
that attack us.
