[74555] in North American Network Operators' Group
Re: FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Fri Oct 1 20:53:27 2004
Date: Sat, 02 Oct 2004 00:52:17 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <20041001.173431.3306.1110005@webmail11.lax.untd.com>
To: "Fergie (Paul Ferguson)" <fergdawg@netzero.net>
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, 2 Oct 2004, Fergie (Paul Ferguson) wrote:
> Given recent discussions on blackholing traffic, this may
> be of interest.
>
> - ferg
>
> [snip]
>
> A new Request for Comments is now available in online RFC libraries.
>
>
> RFC 3882
>
> Title: Configuring BGP to Block Denial-of-Service Attacks
> Author(s): D. Turk
> Status: Informational
> Date: September 2004
> Mailbox: doughan.turk@bell.ca
> Pages: 8
> Characters: 19637
> Updates/Obsoletes/SeeAlso: None
>
> I-D Tag: draft-turk-bgp-dos-07.txt
>
> URL: ftp://ftp.rfc-editor.org/in-notes/rfc3882.txt
>
>
> This document describes an operational technique that uses BGP
> communities to remotely trigger black-holing of a particular
> destination network to block denial-of-service attacks. Black-holing
> can be applied on a selection of routers rather than all BGP-speaking
> routers in the network. The document also describes a sinkhole tunnel
This tunneling is 'centertrack' which is patented... Also, tunneling is a
dangerous prospect when you get very large amounts of attack traffic.
