Krebs on Security booted off Akamai network after DDoS attack proves pricey
rekoil at semihuman.com
Sun Sep 25 18:46:40 UTC 2016
> On Sep 24, 2016, at 7:47 AM, John Levine <johnl at iecc.com> wrote:
>>> Well...by anycast, I meant BGP anycast, spreading the "target"
>>> geographically to a dozen or more well connected/peered origins. At that
>>> point, your ~600G DDoS might only be around
>> anycast and tcp? the heck you say! :)
> People who've tried it say it works fine. Routes don't flap that often.
There are a number of companies terminating anycasted TCP endpoints without issue. It’s not exactly turnkey, but it’s hardly black magic either.
Here’s Nick Holt @Microsoft presenting their experience: https://www.youtube.com/watch?v=40MONHHF2BU <https://www.youtube.com/watch?v=40MONHHF2BU>
More information about the NANOG