[quagga-users 14118] BGP DDoS Mitigation Extension

Harley Green harley.s.green at gmail.com
Thu Aug 20 20:15:57 BST 2015


Hi All,
I'm working on an extension to BGP that can be used to exchange information
about active network attacks by piggy-backing on normal NLRI advertisements
in BGP. Validation of the alerts are based on existing BGP peer trust at
least as much/little as is already present in BGP, because alerts about
attacks are only generated by speakers that would be announcing information
about the NLRI in the first place. Think Flowspec, but without having to
introduce new SAFI and without relying on all peers to support the
extension to still yield benefits of attack mitigation.

I've been doing development in quagga for sometime on a variety of private
projects but now have an opportunity to publicly release some of the
enhancements I've made and work with the community. At this time we have a
working prototype of the proposed extension implemented as a branch from
the main quagga repository and have confirmed its functionality with
unmodified versions of quagga. We also have a significant sponsor that can
provide some funding and influence to aid in the development and adoption
of this concept, as well as some partners in the network device vendor
community.

We are looking for partners from the Quagga community that are interested
in participating in any of the following opportunities:
- Co-Author/Review draft extension specification
- Participate in early adoption/deployment (potential for funding available
here): There are a lot of options with varying levels of involvement here
including a passive instance of a BGP listener running the extension that
would just report network attack alerts received from other BGP speakers
all the way to active deployments that generate alerts and respond using
traffic shaping to mitigate reported malicious traffic. We can even provide
the hardware to run instances of this extension.

I appreciate your time to consider this and would be happy to address
specific concerns or interest offline, simply reply to my direct email.

Thank you,
Harley Green
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.quagga.net/pipermail/quagga-users/attachments/20150820/7f3fada0/attachment.html>


More information about the Quagga-users mailing list