[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
DDoS Mitigation Survey
I am looking for added input to my initial isp security practices
draft. Specifically I'd like to make sure the 01 version will have
clear information regarding what techniques are deployed for DDoS
mitigation. The following questions need some resolution.....
- Where does loose vs strict uRPF get used?
- Why would loose uRFP not be used?
- What (if any) is problem with using remotely triggered blackhole
- Where does destination based vs source based triggered blackhole
routing get used?
- Do triggers usually get deployed based on traffic filters to all
routers or are they BGP community based?
- Where are prefix filters vs AS filters used? Why?
- Any other DDoS mitigation techniques which are deployed today?
I had some info from initial survey and am sifting through NANOG
archives since some of these issues have been discussed there.
However, would appreciate any discussion or insights on this list from
folks that are deploying these techniques and are able to comment