Do this, configure and use blackhole routing with your upstream, this is how you stop an attack How to detect it, use netflow. On 1/16/06, Patrick W. Gilmore <patrick@ianai.net> wrote:
On Jan 16, 2006, at 8:48 AM, Gustavo Rodrigues Ramos wrote:
Patrick W. Gilmore wrote:
Not much you can do about this in general. In your specific case, since we don't know why your sessions died, we don't know what to suggest to stop it. Perhaps change the timers with your upstream?
My BGP connections (and annoucements) with/to my ISPs are all fine.
The problem takes place five or six AS far from me... Where I can't do much. I still can't reach some prefixes announced by large ISPs.
At the first time, I thought an e-mail to the NOC of the network I can't reach can solve the problem, but it was a waste of time...
I'm a little confused.
Are you saying you dampened the prefixes of some other network? If so, it sounds like this is 100% in your control.
If the BGP sessions between you and your upstreams / peers never flapped, no one should have dampened you. (I can see it possibly happening if someone else in the path between you and $OtherNetwork is attacked and therefore flaps your routes, but that would affect a lot of networks, not just you.)
-- TTFN, patrick