syn flood attacks from NL-based netblocks

• Previous message (by thread): syn flood attacks from NL-based netblocks
• Next message (by thread): syn flood attacks from NL-based netblocks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 19 Aug 2019 20:44:47 +0300, Töma Gavrichenkov said:

> Not in a typical DC/ISP environment!  With the solution you propose, a
> perfect routing symmetry is a hard requirement, b/c you need to make
> sure a returning SYN/ACK hits the very same machine as the initial
> SYN.

If your load balancer isn't doing something to make that situation work properly,
you need to talk to your vendor.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190819/9b7a20e2/attachment.sig>

• Previous message (by thread): syn flood attacks from NL-based netblocks
• Next message (by thread): syn flood attacks from NL-based netblocks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]