Krebs on Security booted off Akamai network after DDoS attack proves pricey

Chris Woodfield rekoil at
Sun Sep 25 18:46:40 UTC 2016

> On Sep 24, 2016, at 7:47 AM, John Levine <johnl at> wrote:
>>> anycast, I meant BGP anycast, spreading the "target"
>>> geographically to a dozen or more well connected/peered origins.  At that
>>> point, your ~600G DDoS might only be around
>> anycast and tcp? the heck you say! :)
> People who've tried it say it works fine.  Routes don't flap that often.

There are a number of companies terminating anycasted TCP endpoints without issue. It’s not exactly turnkey, but it’s hardly black magic either. 

Here’s Nick Holt @Microsoft presenting their experience: <> 


More information about the NANOG mailing list