Effective ways to deal with DDoS attacks?

• Previous message (by thread): Effective ways to deal with DDoS attacks?
• Next message (by thread): Effective ways to deal with DDoS attacks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2 May 2002, Richard A Steenbergen wrote:

> RPF works by matching the source address of the packet against the CEF
> table, in addition to the normal match against the destination address.
> There are multiple modes of operation, ranging from "is there a route
> for the source address to the specific interface it come in on" to "is
> there a route to the source address for ANY interface on the box" The
> former is used to stop your single homed customers from spoofing wildly
> into the internet.

You can do this for multihomed customers to: it's just that multihomed
customers can't use it for traffic coming from their transits (= you),
because uRPF breaks asymmetric routing.

• Previous message (by thread): Effective ways to deal with DDoS attacks?
• Next message (by thread): Effective ways to deal with DDoS attacks?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]