[j-nsp] DDoS to core interface - mitigation
Pierre Emeriaud
petrus.lt at gmail.com
Fri Mar 9 10:40:17 EST 2018
2018-03-09 15:48 GMT+01:00 <adamv0025 at netconsultings.com>:
>
> But I was actually referring to the very appealing idea you proposed in b) to not to even advertise the range -so the DDoS traffic would not even end up at your doorstep as simply the Internet would not have route for any of your p2p links.
this is really nice and a must-have, but has the side effect (bonus or
not, up to you) to make your network 'invisible' to others if they
have urpf enabled towards you.
More information about the juniper-nsp
mailing list