Print

Print


On a separate note, did anyone experience very intermittent Internet issues last night for about 30 minutes or so?

 

Jeff Wilde

IT Manager

Park Region Telephone Company

P: 218-826-8330

E: [log in to unmask]

 

From: MICE Discuss <[log in to unmask]> On Behalf Of Andrew Hoyos
Sent: Thursday, June 20, 2019 11:48 AM
To: [log in to unmask]
Subject: Re: [MICE-DISCUSS] ADV: [MICE-DISCUSS] Blackholing DoS traffic

 

On Jun 20, 2019, at 11:39 AM, Doug McIntyre <[log in to unmask]> wrote:

On Thu, Jun 20, 2019 at 04:33:12PM +0000, Frank Bulk wrote:

https://www.seattleix.net/blackholing

Does MICE have an blackholng functionality  equivalent to SIX?

I was visiting with a DDoS mitigation vendor this morning and was curious if there was a way we could automatically mitigate DoS attack traffic coming from a MICE peer.



You can adjust the routing with communities, ie. in the MICE communities aera of
http://micemn.net/technical.html

you could block-hole the AS that is sending you that traffic.

 

unfortunately, that just has the effect of traffic going elsewhere - not a blackhole effect. the communities in place would just cause the route not to be advertised to said peer, and the traffic would just ingress your network via a different path. In the case of a DDOS, it’s likely you have multiple ASN’s targeting you.

 

https://www.seattleix.net/blackholing

 

SIX, as an example, has a blackhole IP address, and the route servers matching a blackhole community to set next hop to this to sink the traffic on the switch fabric.

Perhaps something we should look into for MICE.

 

 

Andrew Hoyos

[log in to unmask]

 

 

 


To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1



To unsubscribe from the MICE-DISCUSS list, click the following link:
http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1