[dns-operations] EDNS0
Ejay Hire
ejay.hire at isdn.net
Thu Mar 2 15:27:18 UTC 2006
> One of the victims of the recent amplification attacks
survived
> with great aplomb. The miscreants then went after the
upstream
> routers. At no point was the bandwidth or any arbitrary
limit
> exceeded, but the routers failed just the same. Do we
enact
> similar limits on traffic to (and from) the routers? All
> routers?
This was the case in our attack. When we (the target's ISP)
popped back up on the internet (blackhole communities are
good) they switched the attack further upstream. This
caused several providers with routers much larger than ours
to have failures. If you have a time machine routing tool,
take a look back at the bgp churn for WvFiber and At&t on
2/7 and 2/8.
-ejay
More information about the dns-operations
mailing list