[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DDoS Mitigation Survey

To: opsec@ops.ietf.org
Subject: DDoS Mitigation Survey
From: Merike Kaeo <kaeo@merike.com>
Date: Sun, 6 Mar 2005 00:04:03 -0800

I am looking for added input to my initial isp security practices draft. Specifically I'd like to make sure the 01 version will have clear information regarding what techniques are deployed for DDoS mitigation. The following questions need some resolution.....

- Where does loose vs strict uRPF get used? - Why would loose uRFP not be used? - What (if any) is problem with using remotely triggered blackhole routing? - Where does destination based vs source based triggered blackhole routing get used? - Do triggers usually get deployed based on traffic filters to all routers or are they BGP community based? - Where are prefix filters vs AS filters used? Why? - Any other DDoS mitigation techniques which are deployed today?

I had some info from initial survey and am sifting through NANOG archives since some of these issues have been discussed there. However, would appreciate any discussion or insights on this list from folks that are deploying these techniques and are able to comment publicly.

- merike

Follow-Ups:
- Re: DDoS Mitigation Survey
  - From: "Christopher L. Morrow" <christopher.morrow@mci.com>
- Re: DDoS Mitigation Survey
  - From: John Kristoff <jtk@northwestern.edu>
- Re: DDoS Mitigation Survey
  - From: Pekka Savola <pekkas@netcore.fi>

Prev by Date: Re: Layer 2 access and Current Practices
Next by Date: draft-morrow-filter-caps-00 comments
Previous by thread: OPSEC WG -- agenda for Minneapolis, Wed at 1pm
Next by thread: Re: DDoS Mitigation Survey
Index(es):
- Date
- Thread