Internet2 Network Security SIG

[Paul Howell <>]

Thanks for pointing this out, we’ll make the necessary changes.



-----Original Message-----
From: 
<>
 on behalf of Doug Pearson 
<>
Reply-To: 
""
 
<>
Date: Thursday, November 19, 2015 at 4:49 PM
To: 
""
 
<>
Subject: [Security-WG] NOC doc re current BGP discarding

>Concerning Internet2 operational documentation for DDoS, might be
>helpful to raise profile of existing doc and clean up some discrepancy:
>
>Fairly buried in the BGP Communities page,
>> https://noc.net.internet2.edu/i2network/maps-documentation/documentation/bgp-communities.html
>
>I found mention of:
>> The following communities can be used to blackhole traffic to more 
>> specific netblocks (up to /32):
>> 11164:53666 Rewrite next hop to discard traffic
>> 11537:911 (to be deprecated *)
>
>The word "DDoS" does not appear on the BGP Communities page. In one
>consideration that makes sense, but having that word on the page
>somewhere would help when googling for DDoS response.
>
>and at:
>
>> http://www.internet2.edu/policies/response-ddos-attacks/
>last updated Feb 2015; that page doesn't seem as current as the BGP
>Communities page(?) because says (only):
>
>> tagged with the BGP Community 11537:911
>
>which according to BGP Communities doc is scheduled to be deprecated.
>
>When I google "Internet2 DDoS NOC" the only operational link I receive
>is the "policies" doc referenced immediately above. And that doc isn't
>linked to the BGP Communities page.
>
>
>Regards,
>
>Doug Pearson
>REN-ISAC