DDoS Mitigation with Traffic Blackholing
10 or more years ago I used to do some very simple DDoS prevention with AS:<666> communities and propagating upstream.
Not a solution but took the traffic off our upstream/peering links for everybody else’s benefit.
It would be useful to get an overview of those tech and implementation/approaches.
I see that “ddos mitigation with blackholing” in in the list, but I think that BGP Flowspec would be a more interesting and modern topic.
I wonder if you could include a discussion on how CloudFlare operate as well as perhaps Arbor, now known as NetScout for scrubbing.