Walter Prue wrote:
This second low speed connection thus becomes a lightning rod for the DDOS traffic most of which will be discarded and not even delivered due to congestion on the slow speed link, the slower the better for you. This of course kills all traffic to the attacked node but the rest of ^^^^^^^^^^^^^^^^^ the network remains usable.
Including the BGP session, I would think, thus causing it to reset and drop the route, sending all the traffic back to the primary, which unfloods the smaller link, which re-advertises, which... Flappage, anyone? -- *************************************************************************** Joel Baker System Administrator - lightbearer.com lucifer@lightbearer.com http://www.lightbearer.com/~lucifer