Re: Charter DDOS scrubbing.

[Ca By <cb.list6 () gmail com>]

On Friday, March 18, 2016, Ethan E. Dee <edee () globalvision net> wrote:

> Globalvision is an ISP in greenville sc.
> We are currently peering with two other ISP's we have a gig link with
> charter and are getting hammered quite hard with a full gig and more of
> DDoS on SIP, DNS, NTP, and other random UDP traffic. Alot of folks have
> said that charter will do DDoS scrubbing. Charter however is telling me
> they absolutely cannot offer this service.
> Does anyone have any info on contacting charter or who to bug about this
> to get it in the works? Or does any know for certain that there's no reason
> to even ask?
>
> --
> Ethan Dee
> Network Admin
> Globalvision
> 864 704 3600
> edee () globalvision net
>
> Gv-support () globalvision net
> 864 467 1333
If you are paying them, they should be able to police ipv4 udp to some
reasonable baseline.  This is a smart proactive method.

They should also be able to put in an acl to simply block udp source ports
that are problem ... Each of these need to be weighed on customer impact
for blocking source udp 53, ntp, ssdp , chargen , frags..

There is also rtbh.

I would avoid scrubbers, acls and policers and rtbh work.



> --
> This message has been scanned by E.F.A. Project and is believed to be
> clean.