[AusNOG] UDP Flooding Issues
Curtis Bayne
curtis at bayne.com.au
Thu Jun 19 14:18:35 EST 2008
Are these the same routing police that get narky when you deaggregate for TE? ;)
Curtis
________________________________________
From: ausnog-bounces at ausnog.net [ausnog-bounces at ausnog.net] On Behalf Of James Spenceley [james at vocus.com.au]
Sent: Thursday, 19 June 2008 2:19 PM
To: Phillip Grasso
Cc: ausnog at ausnog.net; Sean K. Finn
Subject: Re: [AusNOG] UDP Flooding Issues
expect a lot of phone calls and email from the routing police, people
tend to get *really* upset when you do this.
--
James
On 19/06/2008, at 1:23 PM, Phillip Grasso wrote:
> well if it's an insignificant ISP and you wanted to do some
> *extremely* dodgy, then via the return path advertise their ASN
> (prepend the offending AN number) in your announcements. this will
> force their routers to drop your routes as it should be a bgp loop
> prevention mechanism. There are lots of things that might stop this
> from happening, including route filters on in the path inbetween.
>
> Otherwise the simplier method is to contact them or your isp to filter
> to traffic in question.
>
> 2008/6/19 Sean K. Finn <Sean.Finn at ozservers.com.au>:
>> Hi All,
>>
>>
>>
>> Does anyone know any techniqiues or ways to block BGP adverts to
>> third party
>> AS's, or a similar method for dropping routes *to* our AS from a
>> distant,
>> non directly connected AS ?
>>
>>
>>
>> For example, is there a way to inject or craft maybe a network
>> unreachable
>> message or something that we can send to the offending A.S. to
>> remove their
>> routing information for *our* network / AS / IP ranges?
>>
>>
>>
>> My scenario is that I'm trying to block UDP floods to our network,
>> and I'm
>> sure many of you have had experience with this. Im not looking for
>> a total
>> solution, although If you have any recommendations , that would be
>> great.
>> What I'm really after is just once peice of the puzzle to see if we
>> can
>> selectively choose which remote networks we are visible, as a
>> direct first
>> step to stopping attacks until a human can intervene.
>>
>>
>>
>> Cheers,
>>
>> Sean.
>>
>> ________________________________
>>
>> Oz Servers
>> e: sean.finn at ozservers.com.au
>> w: http://www.ozservers.com.au
>> p: 1300 13 89 69
>>
>>
>>
>> /
>>
>> ________________________________
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at ausnog.net
>> http://www.ausnog.net/mailman/listinfo/ausnog
>>
>>
> _______________________________________________
> AusNOG mailing list
> AusNOG at ausnog.net
> http://www.ausnog.net/mailman/listinfo/ausnog
CEO
Vocus Group Limited
Level 2, Vocus House
189 Miller Street
North Sydney, NSW 2060
(m) +61 407 496 866
(w) +61 2 9959 3913
_______________________________________________
AusNOG mailing list
AusNOG at ausnog.net
http://www.ausnog.net/mailman/listinfo/ausnog
More information about the AusNOG
mailing list