pendent on
> Validators downloading updated ROAs, which may be longer than the DDoS lasts.
>
> Lee
>
>
> -Original Message-
> From: NANOG On Behalf
> Of Steven Wallace
> Sent: Friday, October 18, 2024 9:50 AM
> To: nanog@nanog.org
> Subject: It can be chall
sed to represent
a network’s customer cone.
That’s my understanding.
steve
Steven Wallace
Director - Routing Integrity
Internet2
s...@internet2.edu
Steven Wallace
Date: Friday, October 18, 2024 at 7:52 AM
To: nanog@nanog.org
Subject: It can be challenging to advise DDoS mitigation subscribers
on their RPKI-ROA needs
DDoS mitigation services, particularly those that dynamically announce
more specific routes during an attack, add complexity when
space to explore opportunities for
improvement. Any suggestions or input on this topic would be greatly
appreciated.
thanks,
steven
Steven Wallace
Director - Routing Integrity
Internet2
s...@internet2.edu
, allowing the entire set of
customer routes to be announced via an as-set.
Is this a common approach?
Just curious.
thanks,
steve
Steven Wallace
Director - Routing Integrity
Internet2
s...@internet2.edu
include longer ROAs:
https://rpki.cloudflare.com/?view=validator&validateRoute=1351_209.198.99.64%2F27
Cloudflare, any chance you could include all ROAs in this file?
thanks,
steve
Steven Wallace
Director - Routing Integrity
Internet2
s...@internet2.edu
the peer
announcing the covering prefix blackholes traffic to the covered prefix.
Is this accepted behavior, or should a peer announcing a covering prefix always
delver packets to its covered routes?
Does this happen often?
Thanks!
Steven Wallace
Indiana University
smime.p7s
Description: S
the peer
announcing the covering prefix blackholes traffic to the covered prefix.
Is this accepted behavior, or should a peer announcing a covering prefix always
delver packets to its covered routes?
Does this happen often?
Thanks!
Steven Wallace
Indiana University
smime.p7s
Description: S
8 matches
Mail list logo
