DDoS Mitigation with Traffic Blackholing

10 or more years ago I used to do some very simple DDoS prevention with AS:<666> communities and propagating upstream.

Not a solution but took the traffic off our upstream/peering links for everybody else’s benefit.

It would be useful to get an overview of those tech and implementation/approaches.

I see that “ddos mitigation with blackholing” in in the list, but I think that BGP Flowspec would be a more interesting and modern topic.

I wonder if you could include a discussion on how CloudFlare operate as well as perhaps Arbor, now known as NetScout for scrubbing.

More Information