A Suggestion For Null Routes
-
- This is my homepage
- Posts: 1192
- https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
- Joined: Thu Aug 10, 2006 9:41 pm
- Contact:
Re: A Suggestion For Null Routes
It is partially automated and partially manual. We describe it in detail here: http://www.nfoservers.com/forums/viewto ... 25&t=11456IcEWoLF wrote:Is it an automated system that does the null routing or do you usually review everything before null routing?
We carefully choose the amount of time based on how much a null-route-worthy attack would impact customers and the likelihood of another attack against a target occurring within the null-routed period. Both of these determinations are made based on what we see from current attack activity. 8h is on the low end, but we have used as low as 4h at times.8 hours sounds excessive, why can't it be less?
As described in the article (which is linked in every events log post made to the rare customer who requires a null-route), we also remove a null-route if we determine that it was a false positive or believe that the attack would be mitigated effectively were it to immediately recur. False positives are extremely rare.
I keep saying this because it continues to bear repeating: A null-route is a very big deal for us. If you're upset that you're attracting attacks that cause you to be null-routed, that's perfectly understandable, but you should not be upset at us. We are a victim just as you are, as is every single customer at your same location, who all had to suffer packet loss until the null-route took effect. You should take every reasonable step to avoid becoming a target of extremely large DDoS attacks.
-
- This is my homepage
- Posts: 201
- Joined: Wed Feb 19, 2014 6:07 pm
- Location: Dallas, TX
Re: A Suggestion For Null Routes
Any plans for upgrading Chicago's capacity?
Re: A Suggestion For Null Routes
theRadAleks, yes, that is something that we are working on.