FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks

Christopher L. Morrow christopher.morrow at mci.com
Sat Oct 2 00:52:17 UTC 2004


On Sat, 2 Oct 2004, Fergie (Paul Ferguson) wrote:

> Given recent discussions on blackholing traffic, this may
> be of interest.
>
> - ferg
>
> [snip]
>
> A new Request for Comments is now available in online RFC libraries.
>
>
>         RFC 3882
>
>         Title:      Configuring BGP to Block Denial-of-Service Attacks
>         Author(s):  D. Turk
>         Status:     Informational
>         Date:       September 2004
>         Mailbox:    doughan.turk at bell.ca
>         Pages:      8
>         Characters: 19637
>         Updates/Obsoletes/SeeAlso:    None
>
>         I-D Tag:    draft-turk-bgp-dos-07.txt
>
>         URL:        ftp://ftp.rfc-editor.org/in-notes/rfc3882.txt
>
>
> This document describes an operational technique that uses BGP
> communities to remotely trigger black-holing of a particular
> destination network to block denial-of-service attacks.  Black-holing
> can be applied on a selection of routers rather than all BGP-speaking
> routers in the network.  The document also describes a sinkhole tunnel

This tunneling is 'centertrack' which is patented... Also, tunneling is a
dangerous prospect when you get very large amounts of attack traffic.



More information about the NANOG mailing list