BGP Flow Spec: Ultimate Weapon Against DDoS
Hello! I’m Pavel and I’m CTO and co-founder of FastNetMon LTD, London, 🇬🇧. We’re cyber security software vendor and we develop DDoS 🎯 detection and mitigation platform for Telecoms.
In this article we’re going to discuss how BGP Flow Spec protocol can allow you to mitigate volumetric DDoS attacks without using third party cloud based DDoS scrubbing centres.
As part of my role at FastNetMon I have worked closely with BGP Flow Spec since 2015 (ExaBGP, GoBGP) from both operational and implementation side.
It's an attack type which generates a very significant amount of bandwidth or packet rate towards the victim. Bandwidth for such attacks may start from hundreds of megabits to many hundreds of gigabits. Usually such attacks are implemented using an approach called amplification.
There are hundreds of known volumetric attack types and basically all fields in IPv6 and IPv4 (legacy) headers can be used in attack:
