On Thursday, July 28, 2016, Donn Lasher via NANOG <nanog@nanog.org> wrote:
> On 7/28/16, 10:17 AM, "NANOG on behalf of J. Oquendo" <nanog-boun...@nanog.org on behalf of joque...@e-fensive.net> wrote:
>
> >While many are chanting: #NetworkLivesMatter, I have yet
> >to see, read, or hear about any network provider being
> >the first to set precedence by either de-peering, or
> >blocking traffic from Cloudflare. There is a lot of
> >keyboard posturing: "I am mad and I am not going to take
> >it anymore" hooplah but no one is lifting a finger to
> >do anything other than regurgitate "I am mad... This is
> >criminal."
>
> (long discussion, was waiting for a place to jump in..)
>
> If we want to be accurate about it, Cloudflare doesn’t host the DDoS, they
> protect the website of seller of the product. We shouldn’t be de-peering
> Cloud Flare over sites they protect any more than we would de-peer GoDaddy
> over sites they host, some of which, no doubt, sell gray/black
> market/illegal items/services.
>
> If, on the other hand, you can find a specific network actually
> generating the volumes of DDoS, you should have a conversation about
> de-peering….
>
> $0.02…

Agreed. Cloudflare is just the messenger

The ddos is coming from your ssdp, dns, and ntp servers. Not Cloudflare.

I see a lot of ddos traffic. It is always udp

Comcast took a huge step in stemming the ssdp problem in their network,

http://labs.comcast.com/preventing-ssdp-abuse

Thanks Comcast! But they still host tens of thousands, perhaps more, open dns resolvers that attack us.