syn flood attacks from NL-based netblocks
Valdis Kl=?utf-8?Q?=c4=93?=tnieks
valdis.kletnieks at vt.edu
Mon Aug 19 18:27:33 UTC 2019
On Mon, 19 Aug 2019 21:18:49 +0300, Töma Gavrichenkov said:
> If you're doing load balancing for *outgoing* traffic â and in exactly the
> same manner as you do with incoming â then maybe.
On the other hand, your servers should probably be doing non-loadbalanced
outbound on a different IP address than the inbound load balancer, and thus the
syn-ack should have zero trouble getting back to the box it thought the syn
came from.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190819/d4b4db78/attachment.sig>
More information about the NANOG
mailing list