[191647] in North American Network Operators' Group
Re: Krebs on Security booted off Akamai network after DDoS attack
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Sat Sep 24 12:55:26 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <3CF1B7DD-BAE0-494A-B972-7E153A22E449@pch.net>
From: Christopher Morrow <morrowc.lists@gmail.com>
Date: Sat, 24 Sep 2016 12:55:22 -0400
To: Bill Woodcock <woody@pch.net>
Cc: John Levine <johnl@iecc.com>, nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sat, Sep 24, 2016 at 12:28 PM, Bill Woodcock <woody@pch.net> wrote:
>
> > On Sep 24, 2016, at 7:47 AM, John Levine <johnl@iecc.com> wrote:
> >
> >>> Well...by anycast, I meant BGP anycast, spreading the "target"
> >>> geographically to a dozen or more well connected/peered origins. At
> that
> >>> point, your ~600G DDoS might only be around
> >>
> >> anycast and tcp? the heck you say! :)
> >
> > People who've tried it say it works fine.
>
> It=E2=80=99s worked fine for 28 years, for me.
>
>
>
boy, it'd sure be nice if there were some 'science' and 'measurement'
behind such statements.
Didn't k-root do some anycast studies ~8-10 years back?
-chris
(note I'm totally a believer in anycast for tcp in the 'right'
circumstances, but often it feels like talking to climate-change-deniers
when proffering it as a solution)
