[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FlowSpec

Subject: FlowSpec
From: Rich.Compton at charter.com (Compton, Rich A)
Date: Thu, 23 Apr 2020 15:46:09 +0000
In-reply-to: <CAMDdSzMaRVXDK7dHpqTovrQ9v74wM57sSaWt5hAd+kxYk5NyZQ@mail.gmail.com>
References: <CAMDdSzMaRVXDK7dHpqTovrQ9v74wM57sSaWt5hAd+kxYk5NyZQ@mail.gmail.com>

Hi Colton,
It is fairly common to use flowspec internally at an ISP for mitigation of DDoS attacks.  eBGP flowspec is not very common though.  I know of only a couple of ISPs that allow flowspec rules to be advertised by their customers.  The biggest issue with this is that other providers are very hesitant to allow an external party to reach into their routers and modify the configuration (add a flowspec rule).  I (with others at my company) had attempted to work on this to provide a validation mechanism that would be performed on the advertised rules before adding them to the router.  We didnâ??t see much interest at that time on this.  https://www.youtube.com/watch?v=rKEz8mXcC7o

References:
- FlowSpec
  - From: colton.conor at gmail.com (Colton Conor)

Prev by Date: Comcast - Significant v4 vs v6 throughput differences, almost stateful.
Next by Date: Comcast - Significant v4 vs v6 throughput differences, almost stateful.
Previous by thread: FlowSpec
Next by thread: FlowSpec
Index(es):
- Date
- Thread