• NFO Null-routes!
    30 replies, posted
Hello guys! this post stands to help server owners who do not wish to be paying money for services they are not receiving. I own a decently large Garry's mod community by the name of Garnet which is fully hosted through NFO, I have my own dedicated box, which means that I do not share my resources among other clients. If you happen to own a community large enough to pose a threat to other servers, expect the following to happen to you every two or three days: "A very large DDoS attack against your IP address overloaded our connection speed and/or our router's filtering capacity at your location a short while ago and caused location-wide problems. We were forced to null-route the IP address as an stopgap emergency response measure. This null-route will need to remain in place for at least 24 hours. We talk more about what a null-route means in our knowledge base. We are always upgrading our infrastructure to make sure that null-routes remain a rare, emergency measure, and we investigate every null-route to explore what we and Internap can do to filter it better. " This has been ongoing for quite awhile now, and I wish I was able to find a host which does not impose ridiculous "nullrouting" practices. #rantend I'm already expecting some of you to argue that "IF YOU'RE BEING HIT BY A BOTNET, IT IS NONE OF NFO'S FAULT BY ANY MEANS" but if one is paying upwards of $250 a month to host within a company, i'd expect better customer support than to be told that you are to ignore those who are targeting your servers. It's also worth mentioning that NFO servers can be null-routed through the hack-forums for $5 and under.
Did you consider switching to a ddos specialised host or one with better mitigation techniques?
NFO are very open about their null-routes, and they are not a DDos Protected host.
[QUOTE=Elpisaur;49883869] This has been ongoing for quite awhile now, and I wish I was able to find a host which does not impose ridiculous "nullrouting" practices. [/QUOTE] Hello Elpisaur, Your sentence caught my attention. We should be able to fit any DDoS protection requirements that you may require. While NFO is great and often considered the norm when it comes to server owners, they lack the most fundamental key for success with a server (DDoS protection). We protect from even the most specific source targeted DDoS attacks. Big attacks that NFO generally null routes is a cake walk for us. It's the small source DDoS attacks that you should seriously be worried about. I may be able to fit your needs and will certainly be able to at least match your budget depending on what you want specifically (dedicated machine / optimized routing, etc). Feel free to contact me via Steam if you wish. Thanks a lot and good luck.
[QUOTE=Elpisaur;49883869]Hello guys! this post stands to help server owners who do not wish to be paying money for services they are not receiving. I own a decently large Garry's mod community by the name of Garnet which is fully hosted through NFO, I have my own dedicated box, which means that I do not share my resources among other clients. If you happen to own a community large enough to pose a threat to other servers, expect the following to happen to you every two or three days: "A very large DDoS attack against your IP address overloaded our connection speed and/or our router's filtering capacity at your location a short while ago and caused location-wide problems. We were forced to null-route the IP address as an stopgap emergency response measure. This null-route will need to remain in place for at least 24 hours. We talk more about what a null-route means in our knowledge base. We are always upgrading our infrastructure to make sure that null-routes remain a rare, emergency measure, and we investigate every null-route to explore what we and Internap can do to filter it better. " This has been ongoing for quite awhile now, and I wish I was able to find a host which does not impose ridiculous "nullrouting" practices. #rantend I'm already expecting some of you to argue that "IF YOU'RE BEING HIT BY A BOTNET, IT IS NONE OF NFO'S FAULT BY ANY MEANS" but if one is paying upwards of $250 a month to host within a company, i'd expect better customer support than to be told that you are to ignore those who are targeting your servers. It's also worth mentioning that NFO servers can be null-routed through the hack-forums for $5 and under.[/QUOTE] I have been hosting with NFO for almost 2 years now, and I can tell you directly from experience that NFO's ddos protection is a ticking time bomb waiting to explode, they may be able to filter 5-10GB attacks, but anything more than that, they are going to null route you, even at there Chicago location which has an opacity of 70GB now. ALSO, NFO doesn't protect your servers from ANY source based exploits. I just recently switched hosts due to this very large issue. Take a look at this image of my recent server attacks "last months report", see a pattern? [url]https://gyazo.com/9d33c060e236a53eb5887ade155a5b1d[/url] [url]https://gyazo.com/741d3e3253f3672c90fac72f1d756bb5[/url] Thats just what I could show in a single image, the page goes down. one of my darkrp servers was doing almost 85-100 a day, "Modifiedrp" and then it was killed within a few days to a week. I was paying 210/month for the best machine in there Chicago location. and my servers where being taken down by smaller attacks, I'm talking 15 - 50 mbs attacks, attacks that utilize flaws in the source engine, funny enough, NFO says its IMPOSSIBLE to filter these types of attacks, but yet i'm with a host that currently filters them and has great mitigation for those smaller types of attacks and the larger attacks that NFO would otherwise null route you if used against your servers. Lets face it, NFO has great hardware at there locations, but is hardware worth it if you cannot even utilize that hardware, due to your servers being down every 3 hours because of null routs and rate limits caused by source attacks? I run a large network myself, and I can say for sure, I'll take the lower hardware for more uptime. [B]Resolution[/B] If you are being targeted by large attacks such as these or even the smaller attacks such as the source methods people are using right now, I would recommend GMC hosting. [B]What network I own[/B] Owner of Icefuse Networks
[QUOTE=Corvezeo;49885625]I have been hosting with NFO for almost 2 years now, and I can tell you directly from experience that NFO's ddos protection is a ticking time bomb waiting to explode, they may be able to filter 5-10GB attacks, but anything more than that, they are going to null route you, even at there Chicago location which has an opacity of 70GB now. ALSO, NFO doesn't protect your servers from ANY source based exploits. I just recently switched hosts due to this very large issue. Take a look at this image of my recent server attacks "last months report", see a pattern? [URL]https://gyazo.com/9d33c060e236a53eb5887ade155a5b1d[/URL] [URL]https://gyazo.com/741d3e3253f3672c90fac72f1d756bb5[/URL] Thats just what I could show in a single image, the page goes down. one of my darkrp servers was doing almost 85-100 a day, "Modifiedrp" and then it was killed within a few days to a week. I was paying 210/month for the best machine in there Chicago location. and my servers where being taken down by smaller attacks, I'm talking 15 - 50 mbs attacks, attacks that utilize flaws in the source engine, funny enough, NFO says its IMPOSSIBLE to filter these types of attacks, but yet i'm with a host that currently filters them and has great mitigation for those smaller types of attacks and the larger attacks that NFO would otherwise null route you if used against your servers. Lets face it, NFO has great hardware at there locations, but is hardware worth it if you cannot even utilize that hardware, due to your servers being down every 3 hours because of null routs and rate limits caused by source attacks? I run a large network myself, and I can say for sure, I'll take the lower hardware for more uptime. [B]Resolution[/B] If you are being targeted by large attacks such as these or even the smaller attacks such as the source methods people are using right now, I would recommend GMC hosting. [B]What network I own[/B] Owner of Icefuse Networks[/QUOTE] The previous owners of Modified DarkRP weren't very pleased with your server name selection.
[QUOTE=Corvezeo;49885625]I have been hosting with NFO for almost 2 years now, and I can tell you directly from experience that NFO's ddos protection is a ticking time bomb waiting to explode, they may be able to filter 5-10GB attacks, but anything more than that, they are going to null route you, even at there Chicago location which has an opacity of 70GB now. ALSO, NFO doesn't protect your servers from ANY source based exploits. I just recently switched hosts due to this very large issue. Take a look at this image of my recent server attacks "last months report", see a pattern? [URL]https://gyazo.com/9d33c060e236a53eb5887ade155a5b1d[/URL] [URL]https://gyazo.com/741d3e3253f3672c90fac72f1d756bb5[/URL] Thats just what I could show in a single image, the page goes down. one of my darkrp servers was doing almost 85-100 a day, "Modifiedrp" and then it was killed within a few days to a week. I was paying 210/month for the best machine in there Chicago location. and my servers where being taken down by smaller attacks, I'm talking 15 - 50 mbs attacks, attacks that utilize flaws in the source engine, funny enough, NFO says its IMPOSSIBLE to filter these types of attacks, but yet i'm with a host that currently filters them and has great mitigation for those smaller types of attacks and the larger attacks that NFO would otherwise null route you if used against your servers. Lets face it, NFO has great hardware at there locations, but is hardware worth it if you cannot even utilize that hardware, due to your servers being down every 3 hours because of null routs and rate limits caused by source attacks? I run a large network myself, and I can say for sure, I'll take the lower hardware for more uptime. [B]Resolution[/B] If you are being targeted by large attacks such as these or even the smaller attacks such as the source methods people are using right now, I would recommend GMC hosting. [B]What network I own[/B] Owner of Icefuse Networks[/QUOTE] There VPS/VDS and game servers are protected from source exploits. There dedicated servers do not offer that level of filtering, but small scale source engine exploits you can filter yourself anyway.
[QUOTE=ertug20;49885575]Hello Elpisaur, Your sentence caught my attention. We should be able to fit any DDoS protection requirements that you may require. While NFO is great and often considered the norm when it comes to server owners, they lack the most fundamental key for success with a server (DDoS protection). We protect from even the most specific source targeted DDoS attacks. Big attacks that NFO generally null routes is a cake walk for us. It's the small source DDoS attacks that you should seriously be worried about. I may be able to fit your needs and will certainly be able to at least match your budget depending on what you want specifically (dedicated machine / optimized routing, etc). Feel free to contact me via Steam if you wish. Thanks a lot and good luck.[/QUOTE] I'm assuming your username ertug is linked to GMC Hosting? I was very interested into looking forward to hosting with you, however, as you explained in your message - you WILL be able to fit my needs. I was not aware of your host being flexible, neither did I know it's capable of mitigating DDoS, seeing as your host is not very predominant in the Garry's mod community. I will attempt to contact you through steam. EDIT: your friends list is full
[QUOTE=Pantho;49886026]There VPS/VDS and game servers are protected from source exploits. There dedicated servers do not offer that level of filtering.[/QUOTE] To my understanding, the most NFO ever does is rate limit. This goes for all of their services including their game servers, VDS/VPSes and dedicated machines. Rate limiting should not be considered DDoS protection.
[QUOTE=Rope;49885999]The previous owners of Modified DarkRP weren't very pleased with your server name selection.[/QUOTE] If you are speaking about grandpa, I had already spoken to him about the name, I'm aware some of his users where not to happy, but as far as i'm concerned, that specific name wasn't an issue on a community to community basis. Also, please not that the recent attacks I just showed where for our starwars roleplay server. But our modifiedrp server did infact get allot of unwanted attention. I also own the domains modifiedrp.net and .com if that helps lol
[QUOTE=Corvezeo;49885625]I have been hosting with NFO for almost 2 years now, and I can tell you directly from experience that NFO's ddos protection is a ticking time bomb waiting to explode, they may be able to filter 5-10GB attacks, but anything more than that, they are going to null route you, even at there Chicago location which has an opacity of 70GB now. ALSO, NFO doesn't protect your servers from ANY source based exploits. I just recently switched hosts due to this very large issue. Take a look at this image of my recent server attacks "last months report", see a pattern? [url]https://gyazo.com/9d33c060e236a53eb5887ade155a5b1d[/url] [url]https://gyazo.com/741d3e3253f3672c90fac72f1d756bb5[/url] Thats just what I could show in a single image, the page goes down. one of my darkrp servers was doing almost 85-100 a day, "Modifiedrp" and then it was killed within a few days to a week. I was paying 210/month for the best machine in there Chicago location. and my servers where being taken down by smaller attacks, I'm talking 15 - 50 mbs attacks, attacks that utilize flaws in the source engine, funny enough, NFO says its IMPOSSIBLE to filter these types of attacks, but yet i'm with a host that currently filters them and has great mitigation for those smaller types of attacks and the larger attacks that NFO would otherwise null route you if used against your servers. Lets face it, NFO has great hardware at there locations, but is hardware worth it if you cannot even utilize that hardware, due to your servers being down every 3 hours because of null routs and rate limits caused by source attacks? I run a large network myself, and I can say for sure, I'll take the lower hardware for more uptime. [B]Resolution[/B] If you are being targeted by large attacks such as these or even the smaller attacks such as the source methods people are using right now, I would recommend GMC hosting. [B]What network I own[/B] Owner of Icefuse Networks[/QUOTE] I had just paid NFO for their best Chicago machine yesterday, however, I cannot set up a null-routed machine haha. I am still a bit skeptic about trying out GMC because I feel like if they were a good host, they would have been predominant enough for me to hear their name tossed around. For instance, how would GMC hold up against the botnet attacks I used to be receiving from NFO?
[QUOTE=Pantho;49886026]There VPS/VDS and game servers are protected from source exploits. There dedicated servers do not offer that level of filtering, but small scale source engine exploits you can filter yourself anyway.[/QUOTE] I don't consider rate limiting a source attack anything close to a good mitigation attempt.
[QUOTE=Elpisaur;49886068]I had just paid NFO for their best Chicago machine yesterday, however, I cannot set up a null-routed machine haha. I am still a bit skeptic about trying out GMC because I feel like if they were a good host, they would have been predominant enough for me to hear their name tossed around. For instance, how would GMC hold up against the botnet attacks I used to be receiving from NFO?[/QUOTE] Hello Elpisaur, I am indeed with GMCHosting. I haven't focused on getting more integrated with Facepunch until recently, hence why you haven't heard our name being tossed around much on here. We stuck to the main search engines. While we haven't marketed ourselves on Facepunch, you should still be able to find some vouchers for us. We have been doing this for 4 years by the way. As for mitigating the DDoS attack that you are experiencing, that all depends on what attack type you are being hit with.
[QUOTE=Elpisaur;49886068]I had just paid NFO for their best Chicago machine yesterday, however, I cannot set up a null-routed machine haha. I am still a bit skeptic about trying out GMC because I feel like if they were a good host, they would have been predominant enough for me to hear their name tossed around. For instance, how would GMC hold up against the botnet attacks I used to be receiving from NFO?[/QUOTE] Well, even at one point NFO didn't have the well known reputation they now have, every good host needs clients to throw around the "good word" in the beginning I suppose, I guess all you can do is do the research on the hosting company and find the public reviews / information such as I did. I didn't know anything about GMC hosting until I decided to do some research of my own. My servers didn't start getting hit with source exploits up until recently "heavily that is". Infact, I knew the day would come when I became a target due to competition. So I took the steps necessary to protect my servers. I think I made the right call.
[QUOTE=ertug20;49886094]Hello Elpisaur, I am indeed with GMCHosting. I haven't focused on getting more integrated with Facepunch until recently, hence why you haven't heard our name being tossed around much on here. We stuck to the main search engines. While we haven't marketed ourselves on Facepunch, you should still be able to find some vouchers for us. We have been doing this for 4 years by the way. As for mitigating the DDoS attack that you are experiencing, that all depends on what attack type you are being hit with.[/QUOTE] I know for a fact that my server is constantly hit off with these up-to-date source exploits that don't require much over 100mb, aswell as frequently getting attacked by an actual botnet with a capacity of just about 50-85GBps. PS. you'd might want to fix this ADVANCED DDOS PROTECTION All of our services come with advanced DDoS protection. The amount of protection varies on the location. All our locations have[U] at least 25 Gbps of DDoS protection.[/U] SUPERIOR DDOS PROTECTION [U]All of our GMod servers come with at least 65 Gbps of Advanced DDoS protection.[/U] We update our filters every day to ensure that your server is not affected by most DDoS attacks. This allows us to provide you with better uptime when being compared to all other leading server hosts!
[QUOTE=Elpisaur;49886111]I know for a fact that my server is constantly hit off with these up-to-date source exploits that don't require much over 100mb, aswell as frequently getting attacked by an actual botnet with a capacity of just about 50-85GBps. PS. you'd might want to fix this ADVANCED DDOS PROTECTION All of our services come with advanced DDoS protection. The amount of protection varies on the location. All our locations have[U] at least 25 Gbps of DDoS protection.[/U] SUPERIOR DDOS PROTECTION [U]All of our GMod servers come with at least 65 Gbps of Advanced DDoS protection.[/U] We update our filters every day to ensure that your server is not affected by most DDoS attacks. This allows us to provide you with better uptime when being compared to all other leading server hosts![/QUOTE] Hello Elpisaur, The issue with giving clients a good number for our DDoS protection (Gbps / Mpps) all depends on the attack type. While we can protect again all big attacks (up to at least 120+ Gbps [all amplification protocols]), they could also get hit with very small source specific attacks which gets filtered differently and has a different capacity. We could easily do exactly what any other host including NFO does and give a random value but it's all about transparency. Many other providers go throwing around protection in the 400-500 Gbps when they in fact have no idea what they're doing and rely on their providers. Our goal here is to be real with you. It all depends on the attack type. What you should know is that out of the hundreds to thousands of servers that we currently host, not one is affected from large DDoS attacks. We blocked those at least 2 years ago. It's truly the small source DDoS attacks that is a deal breaker by far since it gets past all DDoS mitigation systems and [B]is[/B] real traffic. Either way, I will look into making it a lot more interactive and understandable (the DDoS protection / system) on our site soon.
[QUOTE=ertug20;49886042]To my understanding, the most NFO ever does is rate limit. This goes for all of their services including their game servers, VDS/VPSes and dedicated machines. Rate limiting should not be considered DDoS protection.[/QUOTE] Then you understand incorrectly, they most certainly do on the services I listed. Unless this has changed since 2 years ago, they where the best and most active in blocking source exploits. Yes there web panel has options for rate limiting certain attacks etc, but they do other filtering upstream for the services I mentioned. However this is only done in set port ranges, I think it was 27000-27100 last I checked. My info is old though, but I doubt they removed the ability, and while Chicago is there biggest bandwidth site I THINK (again very old info) they had better mitigation solutions upstream for NYC location that elsewhere. NFO's issue is they where good at what they did, and promptly people started advertising on stupid websites like hackforums with "NFO - WE TAKE DOWN NFO SERVERS!" etc etc etc.. And this again was 1-2 years ago so it's probably worse now. The fact is if someone wants to take you down, you're going down... They don't even have to be clever to do it, just a bit resourceful and have some spare cash around. No host in existance is going to let you operate if the attacks bad enough. They simply cannot let there entire network go down or suffer due to 1 customer, some will be better are mitigating, some will take bigger hits, some will have more leniant polices. But the fact remains you are going down if that little twat with a PayPal account wants you to.
[QUOTE=Pantho;49886260]Then you understand incorrectly, they most certainly do on the services I listed. Unless this has changed since 2 years ago, they where the best and most active in blocking source exploits.[/QUOTE] Hello Pantho, We have clients switching to us every single day because NFO cannot fit their needs in terms of DDoS protection (mostly for source attacks). From my understanding, this has been happening since the beginning. While they do have a "notification" system for the source attacks, all they do is rate limit. That's all they really have done. It's really not a solution at all since when an attack rolls in (and if it doesn't crash the server of course [their rate limiting is a bit iffy]), numerous parts of the server like querying (finding the server on the server list / favorites) are not functional which is not good. EDIT: They do indeed try to filter upstream for basic attacks but source attacks are not in that list.
[QUOTE=ertug20;49886282]Hello Pantho, We have clients switching to us every single day because NFO cannot fit their needs in terms of DDoS protection (mostly for source attacks). From my understanding, this has been happening since the beginning. While they do have a "notification" system for the source attacks, all they do is rate limit. That's all they really have done. It's really not a solution at all since when an attack rolls in (and if it doesn't crash the server of course [their rate limiting is a bit iffy]), numerous parts of the server like querying (finding the server on the server list / favorites) are not functional which is not good. EDIT: They do indeed try to filter upstream for basic attacks but source attacks are not in that list.[/QUOTE] Since the beginning? You're not that old are you? The host I mean GMC... How can you say people have been moving to you since the beginning lol. And sorry, if you want to debate it feel free. But they most certainly DID filter source exploits before it hits a destination IP (unless this is a dedicated server) and I cannot see why they'd remove that feature. I've had some very long talks with the owner in the past about there mitigation systems. -edit Plus, a smart server owner would much rather have some upstream filtering to take those big beefy hits when they can block source exploits themselves, are there any source exploits that cannot be fixed with software implementation?
[QUOTE=ertug20;49886282]Hello Pantho, We have clients switching to us every single day because NFO cannot fit their needs in terms of DDoS protection (mostly for source attacks). From my understanding, this has been happening since the beginning. While they do have a "notification" system for the source attacks, all they do is rate limit. That's all they really have done. It's really not a solution at all since when an attack rolls in (and if it doesn't crash the server of course [their rate limiting is a bit iffy]), numerous parts of the server like querying (finding the server on the server list / favorites) are not functional which is not good. EDIT: They do indeed try to filter upstream for basic attacks but source attacks are not in that list.[/QUOTE] What he says is 100% true, I can even ask NFO right now if they filter these types of attacks, Knowing what they would say "No" I could upload a screenshot to prove this.
[QUOTE=Pantho;49886299]Since the beginning? You're not that old are you? The host I mean GMC... How can you say people have been moving to you since the beginning lol. And sorry, if you want to debate it feel free. But they most certainly DID filter source exploits before it hits a destination IP (unless this is a dedicated server) and I cannot see why they'd remove that feature. I've had some very long talks with the owner in the past about there mitigation systems.[/QUOTE] Well of course NFO is 12 years old while we are a petty 4. I'm not trying to compare that. I just mean since these source DDoS attacks became much more common and were adopted by many "stressers". John just does not care anymore. That's the awful truth. They rate limit which does technically "stop" it before it comes in but this is a part of the game. You cannot just stop it without having even more issues.
nfo rate limit if i recall correctly, which is more of a duct tape job than an actual solution.
[QUOTE=ertug20;49886321]Well of course NFO is 12 years old while we are a petty 4. I'm not trying to compare that. I just mean since these source DDoS attacks became much more common and were adopted by many "stressers". John just does not care anymore. That's the awful truth. They rate limit which does technically "stop" it before it comes in but this is a part of the game. You cannot just stop it without having even more issues.[/QUOTE] John might not, I dunno. Not been involved in mitigating attacks for 2 years nor had pretty much anything todo with anything if im honest. I had health issues and stopped caring/interacting with my servers etc. GMC might be the dogs bollocks, but are you telling me you've never had to null route someones game server? I'd be very suprised if that answer is yes, and you'll be a lucky git if it's true. Any online service that is purely reliant on a single IP can and will always be taken offline by someone who really wants to.
[QUOTE=Pantho;49886336]Any online service that is purely reliant on a single IP can and will always be taken offline by someone who really wants to.[/QUOTE] services like voxility can provide a cloud ddos mitigation solution that balances the traffic for your 1 IP between multiple locations
[QUOTE=Pantho;49886336]John might not, I dunno. Not been involved in mitigating attacks for 2 years nor had pretty much anything todo with anything if im honest. I had health issues and stopped caring/interacting with my servers etc. GMC might be the dogs bollocks, but are you telling me you've never had to null route someones game server? I'd be very suprised if that answer is yes, and you'll be a lucky git if it's true. Any online service that is purely reliant on a single IP can and will always be taken offline by someone who really wants to.[/QUOTE] Hello Pantho, Granted our provider does do a decent job with large attacks and does not null route, they aren't perfect (OVH unfortunately). We have our own specific Arbor DDoS filters, custom IP geo-location, routers, optimized routing and custom DDoS protection that not even the hosting provider can offer. We never had to ever null route anybody. Granted a big enough attack (maybe 200-400 Gbps) may cause issues, we never had that ever (or ever got alerted). I'm really worried about the source targeted DDoS attacks a lot more. You can even kill a server with 30 Mbps and it's not blockable by any real system (other than our custom VSE Guard). Also, that is called Anycast Routing Slowboi. :)
[QUOTE=ertug20;49886379]Hello Pantho, Granted our provider does do a decent job with large attacks and does not null route, they aren't perfect (OVH unfortunately). We have our own specific Arbor DDoS filters, custom IP geo-location, routers, optimized routing and custom DDoS protection that not even the hosting provider can offer. We never had to ever null route anybody. Granted a big enough attack (maybe 200-400 Gbps) may cause issues, we never had that ever (or ever got alerted). I'm really worried about the source targeted DDoS attacks a lot more. You can even kill a server with 30 Mbps and it's not blockable by any real system (other than our custom VSE Guard). Also, that is called Anycast Routing Slowboi. :)[/QUOTE] Lets not pretend you can block all layer 7 attacks ;)
[QUOTE=Slowboi;49886392]Lets not pretend you can block all layer 7 attacks ;)[/QUOTE] While we do also protect web-servers, I do admit that I'm not exactly as specialized on the network level on that. I do have a basic understanding and can setup an award winning CDN (Anycast) if I want though :P
[QUOTE=ertug20;49886410]While we do also protect web-servers, I do admit that I'm not exactly as specialized on the network level on that. I do have a basic understanding and can setup an award winning CDN (Anycast) if I want though :P[/QUOTE] Layer 7 is the application layer, so it does include applications like source - not just webservers. :P [editline]7th March 2016[/editline] [QUOTE=ertug20;49886379]Also, that is called Anycast Routing Slowboi. :)[/QUOTE] I mean technically it's just regular BGP setup. Anycast normally involves using the same subnets over multiple locations but they don't do that. Filtering is just a global BGP network
[QUOTE=Slowboi;49886446]Layer 7 is the application layer, so it does include applications like source - not just webservers. :P [editline]7th March 2016[/editline] I mean technically it's just regular BGP setup. Anycast normally involves using the same subnets over multiple locations but they don't do that. Filtering is just a global BGP network[/QUOTE] I see. I'm not going to debate IP layers to you :P. Also, our provider does indeed take advantage of Anycast for filtering as well.
[IMG]http://i.imgur.com/evDBJDK.png[/IMG] [QUOTE=ertug20;49886467]I see. I'm not going to debate IP layers to you :P.[/QUOTE] :godzing:
Sorry, you need to Log In to post a reply to this thread.