Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks

  • From: Fergie (Paul Ferguson)
  • Date: Fri Oct 01 20:37:28 2004


Given recent discussions on blackholing traffic, this may
be of interest.

- ferg

[snip]

A new Request for Comments is now available in online RFC libraries.


        RFC 3882

        Title:      Configuring BGP to Block Denial-of-Service Attacks
        Author(s):  D. Turk
        Status:     Informational
        Date:       September 2004
        Mailbox:    doughan.turk@bell.ca
        Pages:      8
        Characters: 19637
        Updates/Obsoletes/SeeAlso:    None

        I-D Tag:    draft-turk-bgp-dos-07.txt

        URL:        ftp://ftp.rfc-editor.org/in-notes/rfc3882.txt


This document describes an operational technique that uses BGP
communities to remotely trigger black-holing of a particular
destination network to block denial-of-service attacks.  Black-holing
can be applied on a selection of routers rather than all BGP-speaking
routers in the network.  The document also describes a sinkhole tunnel
technique using BGP communities and tunnels to pull traffic into a
sinkhole router for analysis.

[snip]

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg@netzero.net or
 fergdawg@sbcglobal.net




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.