[61898] in North American Network Operators' Group
Re: What were we saying about edge filtering?
daemon@ATHENA.MIT.EDU (bdragon@gweep.net)
Mon Sep 8 22:38:00 2003
To: chris@UU.NET (Christopher L. Morrow)
Date: Mon, 8 Sep 2003 22:37:18 -0400 (EDT)
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.53.0309050641110.171@rampart.argfrp.us.uu.net> from "Christopher L. Morrow" at Sep 05, 2003 06:46:21 AM
From: bdragon@gweep.net
Errors-To: owner-nanog-outgoing@merit.edu
> keep in mind it's not destination addresses that are the problem here, BUT
> if it was, on an experiment (not a very smart one) we routed 0/1 to a lab
> system inside 701 once in 2001 (as I recall, so before
> nimda/code-red/blaster) and received +600kpps of garbage traffic as a
> result. Trying to acl/analyze/deal-with that flow was almost impossible...
> I'm not sure what you want to do with it today when our 'sinkhole' network
> is consistently handling +20kpps (5x previous) MORE of random garbage
> than 3 weeks ago, before blaster/nachi started to cause more pain :(
Just think, if you used loose uRPF, you wouldn't need to carry that traffic
to your sinkhole network, even you win.