syn flood attacks from NL-based netblocks

• Previous message (by thread): syn flood attacks from NL-based netblocks
• Next message (by thread): syn flood attacks from NL-based netblocks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Aug 19, 2019, 9:27 PM Valdis Klētnieks <valdis.kletnieks at vt.edu>
wrote:

> On Mon, 19 Aug 2019 21:18:49 +0300, Töma Gavrichenkov said:
>
> > If you're doing load balancing for *outgoing* traffic — and in exactly
> the
> > same manner as you do with incoming — then maybe.
>
> On the other hand, your servers should probably be doing non-loadbalanced
> outbound on a different IP address than the inbound load balancer, and
> thus the
> syn-ack should have zero trouble getting back to the box it thought the syn
> came from.
>

Killing it with the packet rate in the process?

I assume this is about time to start drawing diagrams, otherwise we'll be
quickly lost in context.

--
Töma

>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190819/7a5fed7a/attachment.html>

• Previous message (by thread): syn flood attacks from NL-based netblocks
• Next message (by thread): syn flood attacks from NL-based netblocks
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]