RFC 3882
Configuring BGP to Block Denial-of-Service Attacks, September 2004
- File formats:
- Status:
- INFORMATIONAL
- Author:
- D. Turk
- Stream:
- INDEPENDENT
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC3882
Discuss this RFC: Send questions or comments to the mailing list rfc-ise@rfc-editor.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 3882
Abstract
This document describes an operational technique that uses BGP communities to remotely trigger black-holing of a particular destination network to block denial-of-service attacks. Black-holing can be applied on a selection of routers rather than all BGP-speaking routers in the network. The document also describes a sinkhole tunnel technique using BGP communities and tunnels to pull traffic into a sinkhole router for analysis. This memo provides information for the Internet community.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.