GigaPOP / I-Light DDoS Mitigation (Scrubbing) Service FAQ
Q: What BGP Community triggers mitigation (scrubbing)?
A: Please refer to the Indiana GigaPOP BGP Communities documentaiton.
Q: What is the cost to Indiana GigaPOP and I-Light Members?
A: The cost for the scrubbing service will be shared between Indiana GigaPOP members, including I-Light. Once we know how many of the GigaPOP members are going to participate we will spread the costs proportionally. We’ll be InTouch with the individual GigaPOP members to discuss these costs in more detail in the near future.
Q: Can members Opt-In and Opt-Out?
A: We think so, initially the scrubbing service will be a manual action by either the Indiana GigaPOP and I-Light Network Engineers or members themselves via BGP Communities. A future automated process would need to take into account prefixes which would be excluded. Considerations may need to be made for frequency of Opt-In/Opt-Out changes as well as time required to process changes.
Q: How do members Opt-In and Opt-Out?
A: Members may Opt-In or Opt-Out by notifying the appropriate NOC; Indiana GigaPOP or I-Light. **Please note the anticipated turnaround time to be three (3) days to change a members status.
Q: Is BGP required to participate in the scrubbing service?
A: No. BGP allows the Indiana GigaPOP or I-Light member to initiate the scrubbing service independently of Indiana GigaPOP or I-Light Engineers. Without BGP, a manual process will be implemented by Indiana GigaPOP or I-Light Engineers.
Q: Will Indiana GigaPOP and I-Light Engineers be available to assist members with BGP administration and verification?
A: Yes! Indiana GigaPOP and I-Light Engineers can help in three ways.
- Documentation of examples. Please refer to DDoS Mitigation (Scrubbing) Service Scenario and Configuration Examples.
- Proactive discussion on BGP Configuration
- Reactive assistance for BGP Configuration Verification
Q: How will members be notified when a DDoS attack is occurring against the network or the member? How will members be notified when DDoS scrubbing is active?
A: The NOC for Indiana GigaPOP or I-Light will send targeted notifications to member institutions when an attack is observed and when the attack has subsided. Members which Opt-In for the scrubbing service will also receive a notification when scrubbing is activated and deactivated. Members who request confirmation will only receive the scrubbing notifications after a representative acknowledges activation or deactivation.
Q: How will the DDoS Scrubbing service affect Multicast?
A: The DDoS Scrubbing service only functions on commodity traffic from transit providers. Currently no active transit providers support Multicast. Multicast traffic should not be affected internal to the Indiana GigaPOP or I-Light, although public senders or receives can still be attacked and external traffic to those hosts may be scrubbed.
Q: Will scrubbed traffic induce latency?
A: Yes. Measured increased RTT (round trip time) was between 22 and 55ms, dependent on the external endpoint and path to Indiana GigaPOP or I-Light member. To provide reference, latency from Indiana to the West coast is approximately 48ms round trip, to the East coast is approximately 22ms round trip.