Re: Filter NTP traffic by packet size?
23 Feb
2014
23 Feb
'14
7:26 p.m.
What is the business model for the IX? Unauthorized filtering of incoming traffic risks collateral damage and outing exchange members seems problematic.
I never proposed for them to filter.
What is missing is filtering at IXP not by IXP. Most transits have blackhole communities so you can drop the DoS through them but peers usually do not. You end up shutting peering so your transit will drop it for you, not ideal. We could agree per peer to do the same but with route servers and lots of peers a standard for community and acceptance of it would be handy. Obviously there is risk in doing this with (lots of) peers as they tend to be prefix limited, not address filtered. brandon
3955
Age (days ago)
3955
Last active (days ago)
0 comments
1 participants
participants (1)
-
Brandon Butterworth