You have to be peered with them and open a ticket and fill out their BGPQ to get you added to their blackhole servers. ☺
[DennisBurgessSignature] www.linktechs.net<http://www.linktechs.net/> – 314-735-0270 x103 – dmburg...@linktechs.net<mailto:dmburg...@linktechs.net> From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy /sarcasm Sent: Wednesday, June 22, 2016 10:00 AM To: af@afmug.com Subject: Re: [AFMUG] Mikrotik BGP Blackhole Community is this for a single ip? our upstream thats actually communicating said they dont support blackhole community, the other i assume wont either is this stating you can trigger at cogent even though not peered with them directly? On Wed, Jun 22, 2016 at 9:51 AM, Justin Wilson <li...@mtin.net<mailto:li...@mtin.net>> wrote: BlackHole server The Blackhole server allows customers under a DDOS attack to send all traffic to the IP address under attack to null route. To request configuration on the blackhole server: Log into eCogent and click on BGP request. You will need the following information: 1. Order Number. 2. An IP address from your network with which we will peer. 3. A password (all blackhole server sessions are password protected). All North American and Asia Pacific Customers will peer with: IPv4: 66.28.8.2 and IPv6: 2001:550:0:1000::421c:802 All European Customers will peer with: IPv4: 130.117.20.2 and IPv6: 2001:550:0:1000::8275:1402 Once your session to the blackhole server has been established, any network you announce to it will be stopped at our borders. Please note that Cogent does not warrant or guarantee that use of the blackhole server will mitigate, or minimize any effects of a DDOS attack nor does Cogent guarantee that a session to the blackhole server can be established on a timely basis. You are limited to announcing 50 prefixes to our blackhole server. If you anticipate needing to announce more, relay that request to our Customer Support department along with the technical justification for an increase in the number of prefixes to be announced. Justin Wilson j...@mtin.net<mailto:j...@mtin.net> --- http://www.mtin.net Owner/CEO xISP Solutions- Consulting – Data Centers - Bandwidth http://www.midwest-ix.com COO/Chairman Internet Exchange - Peering - Distributed Fabric On Jun 22, 2016, at 10:37 AM, Kurt Fankhauser <lists.wavel...@gmail.com<mailto:lists.wavel...@gmail.com>> wrote: Really? Mikrotik can automatically trigger a blackhole IP with Cogent? I have had to call Cogent to get IP's blacklisted previously. On Wed, Jun 22, 2016 at 10:15 AM, Justin Wilson <li...@mtin.net<mailto:li...@mtin.net>> wrote: San example with Cogent: add in-filter=cogent-blackhole-in multihop=yes name=Cogent-BlackHole out-filter=cogent-blackhole-out remote-address=130.117.20.1 remote-as=174 tcp-md5-key=<my-md5-key> ttl=default update-source=<interface-facing-cogent-or-ip-that-was-sent-to-Cogent> Justin Wilson j...@mtin.net<mailto:j...@mtin.net> --- http://www.mtin.net<http://www.mtin.net/> Owner/CEO xISP Solutions- Consulting – Data Centers - Bandwidth http://www.midwest-ix.com<http://www.midwest-ix.com/> COO/Chairman Internet Exchange - Peering - Distributed Fabric On Jun 20, 2016, at 7:35 PM, Matt <matt.mailingli...@gmail.com<mailto:matt.mailingli...@gmail.com>> wrote: Has anyone used BGP and Remote-Triggered BlackHole with Mikrotik to help deal with DOS attacks? Any examples of getting it too work with Mikrotik? -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.