Approved for public release, distribution unlimited / BGP Blackhole routing is a mechanism used to protect networks from DDoS attacks. During the last several years, a number of variations of BGP Blackhole routing have been proposed. However, even though these methods have been used by many organizations and ISPs for some years, the academic community has provided only a limited evaluation of BGP Blackhole routing, using mainly network simulations. The objective of this research was to evaluate the basic methods of BGP Blackhole routing in a real test-bed network in various environments. By using the response time, the CPU load, and the link load as performance metrics, we first evaluated the performance of those methods in networks where the routers CPU load was the limiting factor. Then we examined the effect of the high link load and the effect of routers preconfiguration on the BGP Blackhole routing's performance. The results showed that the BGP Blackhole routing may not be effective under stressful situations, that is, a high link load, because its dependence on TCP and the underlying routing protocols. Of the three basic Blackhole routing methods, the best method is the destination-based, followed closely by the source-based. The third method, customer-triggered Blackhole routing, in all cases had very degraded performance.
| Identifer | oai:union.ndltd.org:nps.edu/oai:calhoun.nps.edu:10945/2648 |
| Date | 09 1900 |
| Creators | Stamatelatos, Nikolaos |
| Contributors | Xie, Geoffrey, Fulp, J.D., Naval Postgraduate School (U.S.). |
| Publisher | Monterey, California. Naval Postgraduate School |
| Source Sets | Naval Postgraduate School |
| Detected Language | English |
| Type | Thesis |
| Format | xvi, 93 p. : 1 col. map ;, application/pdf |
| Rights | Approved for public release, distribution unlimited, This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. As such, it is in the public domain, and under the provisions of Title 17, United States Code, Section 105, it may not be copyrighted |
Page generated in 0.0015 seconds