Internet2 Network Security SIG

[Doug Pearson <>]

Concerning Internet2 operational documentation for DDoS, might be
helpful to raise profile of existing doc and clean up some discrepancy:

Fairly buried in the BGP Communities page,
> https://noc.net.internet2.edu/i2network/maps-documentation/documentation/bgp-communities.html

I found mention of:
> The following communities can be used to blackhole traffic to more specific 
> netblocks (up to /32):
> 11164:53666 Rewrite next hop to discard traffic
> 11537:911 (to be deprecated *)

The word "DDoS" does not appear on the BGP Communities page. In one
consideration that makes sense, but having that word on the page
somewhere would help when googling for DDoS response.

and at:

> http://www.internet2.edu/policies/response-ddos-attacks/
last updated Feb 2015; that page doesn't seem as current as the BGP
Communities page(?) because says (only):

> tagged with the BGP Community 11537:911

which according to BGP Communities doc is scheduled to be deprecated.

When I google "Internet2 DDoS NOC" the only operational link I receive
is the "policies" doc referenced immediately above. And that doc isn't
linked to the BGP Communities page.


Regards,

Doug Pearson
REN-ISAC