[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EXTERNAL] Re: FlowSpec

If you can impose a limit on the amount of flowspec rules the customer can send you (I assume you are the Service provider) where is the problem
 with offering  flowspec services? Seems more of a vendor challenge.

The tcam issue is relatively addressed with proper dimensioning (throw money to the problem)
 and you have created a service revenue opportunity so it is a win win for both
 customer, provider and the entire community.
We cannot go very far with blackholing as a community.

-----Original Message-----
From: NANOG <nanog-bounces at nanog.org> On Behalf Of Denys Fedoryshchenko
Sent: 23 April 2020 16:58
To: Colton Conor <colton.conor at gmail.com>
Cc: NANOG <nanog at nanog.org>
Subject: [EXTERNAL] Re: FlowSpec

On 2020-04-23 18:13, Colton Conor wrote:
> Do any of the large transit providers support FlowSpec to transit
> customers / other carriers, or is that not a thing since they want to
> sell DDoS protection services? FlowSpec sounds much better than RTBH
> (remotely triggered blackhole), but I am not sure if  FlowSpec is
> widely implemented. I see the large router manufacturers support it.


They have extended blackholing, and FlowSpec, sure its all have costs.
I'm using both services from them and quite satisfied.

In general operators don't like flowspec, because it is not easy to implement it right, there is bugs and most important its "eating" TCAM.
For example:
This email is from Equinix (EMEA) B.V. or one of its associated companies in the territory from where this email has been sent. This email, and any files transmitted with it, contains information which is confidential, is solely for the use of the intended recipient and may be legally privileged. If you have received this email in error, please notify the sender and delete this email immediately. Equinix (EMEA) B.V.. Registered Office: Amstelplein 1, 1096 HA Amsterdam, The Netherlands. Registered in The Netherlands No. 57577889.