Effective ways to deal with DDoS attacks?

Ralph Doncaster ralph at istop.com
Mon May 6 23:39:44 UTC 2002


On Mon, 6 May 2002, Valdis.Kletnieks at vt.edu wrote:

> On Mon, 06 May 2002 19:04:11 EDT, Ralph Doncaster said:
> 
> > IP Tunneling - it often makes more sense to send packets out that have a
> > source address reachable only through the tunnel.
> 
> But aren't those source addresses hidden *inside* the encapsulation, and
> what's visible to routers are the source/dest IPs of the tunnel itself?

What I'm saying is that if something comes in through the tunnel, the
shortest route to the destination is often not to go back out through the
tunnel.




More information about the NANOG mailing list