+1, exactly what we did. I also recommend implementing
per-upstream/region blackhole communities (so your users can choose who
to blackhole as they see fit.)
Often time, DDoS traffic comes from regions that do not intersect with
legitimate traffic.
On 2/4/2019 03:15 午前, Tom Hill wrote:
On 3
On 31/01/2019 20:17, Nick Hilliard wrote:
> you should implement a different community for upstream blackholing.
> This should be stripped at your upstream links and replaced with the
> provider's RTBH community. Your provider will then handle export
> restrictions as they see fit.
This works wo
2 matches
Mail list logo
