North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Real world Anti-DDOS attack practice.
- From: Yu Ning
- Date: Thu Mar 22 19:26:47 2001
Hi nanog,
I'm sorry if I raise a clich¨¦ topic, but I've searched the nanog archive and
get no satisfied answer.
The question is quite simple, what's the best practice if my downstream customer
report a heavy DDOS attack (icmp based, not source addr. spoofing)? Yes, to
filter out the packet via ACL, but the impact on oc3/48 link with ACL packet filtering
sounds to be a nightmare.
If there is any effective practice to prevent my engineer from patching the router
here and there via packet ACL ? Yes again via dCAR to rate-limiting the icmp traffic,
but as soon as you mention the packet-filtering method, it seems as if my router is
in smoke.
Then I wonder what my US counterpart do to beat DDOS attack to their customer?
Best real world practice ? How about tier-1 like UUNet ?
thanks for any input.
--------------------------------------------
(Mr.) Yu Ning, Chief Engineer
ChinaNET Sr. Support & New Service Dev.
Data Communication Bureau, China Telecom
Beijing, P.R.China +86-10-62072357/62072354
--------------------------------------------
|
