[AusNOG] DDOS mitigation

Roland Dobbins rdobbins at arbor.net
Mon May 13 01:02:18 EST 2013



James Braunegg <james.braunegg at micron21.com> wrote:

>I find for compromised website servers etc. you can assist by using QoS
>to rate limit say based on matching UDP, ICMP and TCP traffic along
>with packet storm control to limit the number of packets coming from a
>particular server at the switch port level (assuming you have full
>layer 3 functions on your top of rack switch) allowing you to isolate
>the script without causing a lot of damage to your network.

Using QoS mechanisms to try and mitigate DDoS attacks generally doesn't work very well - the programmatically-generated attack traffic ends up 'crowding out' the legitimate traffic.

---------------------------------------
Roland Dobbins <rdobbins at arbor.net>
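
Added example, not part of the original post: a small simulation of a flow-blind token-bucket policer, illustrating the crowding-out effect described in the reply above. The rates, burst size, flow names and Poisson arrival model are constructed assumptions, not measurements from any network.

```python
import random

def police(flows, rate_pps, burst, duration_s, seed=1):
    """Pass Poisson packet flows through one flow-blind token-bucket policer.

    flows maps a flow name to its offered packets/second.
    Returns {name: (offered, forwarded)}.
    """
    rng = random.Random(seed)          # fixed seed: repeatable run
    arrivals = []
    for name, pps in flows.items():
        t = rng.expovariate(pps)
        while t < duration_s:
            arrivals.append((t, name))
            t += rng.expovariate(pps)
    arrivals.sort()

    tokens, last = float(burst), 0.0
    stats = {name: [0, 0] for name in flows}
    for t, name in arrivals:
        # Refill since the previous packet, capped at the burst size.
        tokens = min(burst, tokens + (t - last) * rate_pps)
        last = t
        stats[name][0] += 1
        if tokens >= 1.0:              # the policer cannot tell flows apart
            tokens -= 1.0
            stats[name][1] += 1
    return {name: tuple(v) for name, v in stats.items()}

def delivery_ratio(result, name):
    """Fraction of a flow's offered packets that the policer forwarded."""
    offered, forwarded = result[name]
    return forwarded / offered

# Constructed numbers: 1000 pps policer, 500 pps of legitimate traffic.
RATE, BURST, SECONDS = 1000, 100, 5
quiet = police({"legit": 500}, RATE, BURST, SECONDS)
flood = police({"legit": 500, "attack": 50000}, RATE, BURST, SECONDS)

if __name__ == "__main__":
    for label, res, flow in (("legit, no attack", quiet, "legit"),
                             ("legit, under attack", flood, "legit"),
                             ("attack", flood, "attack")):
        print("%-20s %5.1f%% delivered" % (label, 100 * delivery_ratio(res, flow)))
```

Because the policer drops without regard to flow, each flow keeps roughly the same small fraction of its packets, so the forwarded traffic is still almost entirely attack traffic.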


