[58396] in North American Network Operators' Group
Re: Using Policy Routing to stop DoS attacks
daemon@ATHENA.MIT.EDU (Stefan Mink)
Mon May 12 05:56:29 2003
Date: Mon, 12 May 2003 11:55:52 +0200
From: Stefan Mink <mink@schlund.net>
To: "Christopher L. Morrow" <chris@UU.NET>
Cc: Haesu <haesu@towardex.com>, jtk@aharp.is-net.depaul.edu,
nanog@merit.edu
In-Reply-To: <Pine.GSO.4.33.0303251654050.16800-100000@rampart.argfrp.us.uu.net>
Errors-To: owner-nanog-outgoing@merit.edu
--2fowzm2eVyDiEwGH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Mar 25, 2003 at 04:58:59PM +0000, Christopher L. Morrow wrote:
> you could hold blackhole routes for these destinations in your route table
> (local or bgp) So long as the destination for the source is bad (null for
> instance) the traffic would get dropped. I believe the proper terms from
> cisco for this are: "So long as the adjacency is invalid" ...
is there a way to make this source-blackhole-routing work=20
on J's too (does this work with discard-routes too)?
tschuess
Stefan
--=20
Stefan Mink, Schlund+Partner AG (AS 8560)
Primary key fingerprint: 389E 5DC9 751F A6EB B974 DC3F 7A1B CF62 F0D4 D2BA
--2fowzm2eVyDiEwGH
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE+v2+oehvPYvDU0roRAsHDAJ9kEHAlSI5UsxwR+7j72I4BgWXQNACcCxG0
mF1pvsFkeIzn2Yu49fVZDwk=
=HhSc
-----END PGP SIGNATURE-----
--2fowzm2eVyDiEwGH--
