FYI: RFC 3882 on Configuring BGP to Block Denial-of-Service Attacks
Fergie (Paul Ferguson)
fergdawg at netzero.net
Sat Oct 2 00:34:23 UTC 2004
Given recent discussions on blackholing traffic, this may
be of interest.
- ferg
[snip]
A new Request for Comments is now available in online RFC libraries.
RFC 3882
Title: Configuring BGP to Block Denial-of-Service Attacks
Author(s): D. Turk
Status: Informational
Date: September 2004
Mailbox: doughan.turk at bell.ca
Pages: 8
Characters: 19637
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-turk-bgp-dos-07.txt
URL: ftp://ftp.rfc-editor.org/in-notes/rfc3882.txt
This document describes an operational technique that uses BGP
communities to remotely trigger black-holing of a particular
destination network to block denial-of-service attacks. Black-holing
can be applied on a selection of routers rather than all BGP-speaking
routers in the network. The document also describes a sinkhole tunnel
technique using BGP communities and tunnels to pull traffic into a
sinkhole router for analysis.
[snip]
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg at netzero.net or
fergdawg at sbcglobal.net
More information about the NANOG
mailing list