Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
499
Views
0
Helpful
1
Replies

BGP help with UPnP/DDOS/DNS

Go to solution
andrewpaulsen
Level 1
Level 1

‎03-24-2015 01:26 PM - edited ‎03-05-2019 01:05 AM

Currently i have 2x1GB BGP routers running at my upstream provider. Recently we had a huge DDOS attack that was a UPnP/SSDP attack that was focused at a customer and it was also attacking our DNS server. The BGP routers & Switches were lit up like a christmas tree, all data lights were pretty much solid trying to process the data coming in. Then my BGP routers just shut themselves down i can only assume that was caused by a Buffer overload. Can someone please advise me on if there is something i can do to help prevent this kind of attack in the future?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Vasilii Mikhailovskii
Level 7
Level 7

‎03-28-2015 02:21 AM

Hello.

As a DDOS prevention you may use either a DDOS prevention service from third party, or just try to protect your subnets/hosts with 

Remote Triggered Black Hole Filtering

https://tools.ietf.org/html/rfc5635

Also if you faced any issue with network link utilization (inside your network) - deploy QoS or upgrade the links.

PS: I wonder where you were not able to access your BGP routers?! Are they not fast enough to process 1G of data? Don't you protect management and control plane on the network devices?

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Vasilii Mikhailovskii
Level 7
Level 7

‎03-28-2015 02:21 AM

Hello.

As a DDOS prevention you may use either a DDOS prevention service from third party, or just try to protect your subnets/hosts with 

Remote Triggered Black Hole Filtering

https://tools.ietf.org/html/rfc5635

Also if you faced any issue with network link utilization (inside your network) - deploy QoS or upgrade the links.

PS: I wonder where you were not able to access your BGP routers?! Are they not fast enough to process 1G of data? Don't you protect management and control plane on the network devices?

0 Helpful
Customers Also Viewed These Support Documents