Peering with abusers...good or bad?
On Tue, Feb 27, 2018 at 4:13 PM, Dan Hollis <goemon@sasami.anime.net> wrote:
OVH does not suprise me in the least.
Maybe this is finally what it will take to get people to de-peer them.
If I de-peer them, I pay my upstream to carry the attack traffic. If I maintain peering with them, the attack traffic is free. It would seem the economics work the other way around. It would be more cost effective for me to identify the largest sources of attacks, and reach out to directly peer with them, to avoid paying an upstream to carry the traffic, if I'm going to end up throwing it away anyhow.
Le 2018-03-02 23:11, Matthew Petach a écrit :
On Tue, Feb 27, 2018 at 4:13 PM, Dan Hollis <goemon@sasami.anime.net> wrote:
OVH does not suprise me in the least.
Maybe this is finally what it will take to get people to de-peer them.
If I de-peer them, I pay my upstream to carry the attack traffic.
If I maintain peering with them, the attack traffic is free.
It would seem the economics work the other way around.
It would be more cost effective for me to identify the largest sources of attacks, and reach out to directly peer with them, to avoid paying an upstream to carry the traffic, if I'm going to end up throwing it away anyhow.
We are always trying to reply asap on peering@ovh.net if it's network related (it's not abuse and I don't manage it ;). You're welcome to share anything wrong so we can mitigate attack with our own antiddos system, if automatic detection didn't catched it. We are obviously not responsible for the memcached issue, and we get the same type / volume of attacks than everyone on input. You should not have a one way thought, and think about network peering is done with at least 2 peers which have sometimes the same problem without any direct responsibility. -- FABIEN VINCENT _@beufanet_
On Fri, Mar 2, 2018 at 2:13 PM Matthew Petach <mpetach@netflight.com> wrote:
On Tue, Feb 27, 2018 at 4:13 PM, Dan Hollis <goemon@sasami.anime.net> wrote:
OVH does not suprise me in the least.
Maybe this is finally what it will take to get people to de-peer them.
If I de-peer them, I pay my upstream to carry the attack traffic.
Your isp will do rtbh Your peers wont
If I maintain peering with them, the attack traffic is free.
It would seem the economics work the other way around.
It would be more cost effective for me to identify the largest sources of attacks, and reach out to directly peer with them, to avoid paying an upstream to carry the traffic, if I'm going to end up throwing it away anyhow.
On 3/2/18 5:29 PM, Ca By wrote:
On Fri, Mar 2, 2018 at 2:13 PM Matthew Petach <mpetach@netflight.com> wrote:
On Tue, Feb 27, 2018 at 4:13 PM, Dan Hollis <goemon@sasami.anime.net> wrote:
OVH does not suprise me in the least.
Maybe this is finally what it will take to get people to de-peer them.
If I de-peer them, I pay my upstream to carry the attack traffic.
Your isp will do rtbh
Your peers wont
Some public IXs support RTBH ... Equinix, DE-CIX, to name two ... PNIs is a different story.
If I maintain peering with them, the attack traffic is free.
It would seem the economics work the other way around.
It would be more cost effective for me to identify the largest sources of attacks, and reach out to directly peer with them, to avoid paying an upstream to carry the traffic, if I'm going to end up throwing it away anyhow.
On Sat, 3 Mar 2018 at 01:08, Bryan Holloway <bryan@shout.net> wrote:
On 3/2/18 5:29 PM, Ca By wrote:
On Fri, Mar 2, 2018 at 2:13 PM Matthew Petach <mpetach@netflight.com> wrote:
On Tue, Feb 27, 2018 at 4:13 PM, Dan Hollis <goemon@sasami.anime.net> wrote:
OVH does not suprise me in the least.
Maybe this is finally what it will take to get people to de-peer them.
If I de-peer them, I pay my upstream to carry the attack traffic.
Your isp will do rtbh
Your peers wont
Some public IXs support RTBH ... Equinix, DE-CIX, to name two ... PNIs is a different story.
Those IX “blackhole” mechanisms are a perverse ineffective method that exists solely for marketing reasons. If you aren’t blackholing in the fabric you aren’t blackholing. Kind regards, Job
participants (5)
-
Bryan Holloway -
Ca By -
Fabien VINCENT (NaNOG) -
Job Snijders -
Matthew Petach