On a separate note, did anyone experience very intermittent Internet issues last night for about 30 minutes or so? Jeff Wilde IT Manager Park Region Telephone Company P: 218-826-8330 E: jeff.wilde@parkregion.com<mailto:jeff.wilde@parkregion.com> From: MICE Discuss <MICE-DISCUSS@LISTS.IPHOUSE.NET> On Behalf Of Andrew Hoyos Sent: Thursday, June 20, 2019 11:48 AM To: MICE-DISCUSS@LISTS.IPHOUSE.NET Subject: Re: [MICE-DISCUSS] ADV: [MICE-DISCUSS] Blackholing DoS traffic On Jun 20, 2019, at 11:39 AM, Doug McIntyre <merlyn@IPHOUSE.NET<mailto:merlyn@IPHOUSE.NET>> wrote: On Thu, Jun 20, 2019 at 04:33:12PM +0000, Frank Bulk wrote: https://www.seattleix.net/blackholing Does MICE have an blackholng functionality equivalent to SIX? I was visiting with a DDoS mitigation vendor this morning and was curious if there was a way we could automatically mitigate DoS attack traffic coming from a MICE peer. You can adjust the routing with communities, ie. in the MICE communities aera of http://micemn.net/technical.html you could block-hole the AS that is sending you that traffic. unfortunately, that just has the effect of traffic going elsewhere - not a blackhole effect. the communities in place would just cause the route not to be advertised to said peer, and the traffic would just ingress your network via a different path. In the case of a DDOS, it’s likely you have multiple ASN’s targeting you. https://www.seattleix.net/blackholing SIX, as an example, has a blackhole IP address, and the route servers matching a blackhole community to set next hop to this to sink the traffic on the switch fabric. Perhaps something we should look into for MICE. — Andrew Hoyos hoyosa@gmail.com<mailto:hoyosa@gmail.com> ________________________________ To unsubscribe from the MICE-DISCUSS list, click the following link: http://lists.iphouse.net/cgi-bin/wa?SUBED1=MICE-DISCUSS&A=1