Вопросы и ответы про IX DDoS Protection
18 March 2021


Questions about IX DDoS Protection are asked to our specialists.⠀

1. Are there situations in which traffic manipulation will occur with the help of announcements /32 prefixes?
Any manipulations are excluded.
We do not accept prefixes /32 from participants on Route-Servers , so you will only receive them from DATAIX RS and with a certain BGP community (0: 65500).
Any attempt by participants to announce their 32 prefixes other than blackhole with community 0: 666 will be prevented.
You can check it using Looking Glass service.

2. How to connect the DDoS attack protection service?
If you are interested in activating IX DDoS Protection service contact your manager or send an email to ix32@dataix.ru.
In the application specify:
1. Your ASN and company name;
2. Attach an extract from the configuration file or a screenshot that confirms the setting of reception / 32 prefixes with BGP community 0: 65500;
3. Specify the prefixes you want to protect.
We protect DATAIX member prefixes that are created in your AS only.

3. How does protection work?
When a possible DDoS attack is detected, Arbor TMS announces / 32 protected prefix with a changed next-hop to all DATAIX participants. In this case, all other prefixes you get in normal mode.

All illegal traffic enters the purge system, after which this traffic will be discarded and the legitimate one is returned to a participant.

4. What is the maximum number of / 32 prefixes we can pass through DATAIX?

On average, number of such prefixes will not exceed 150-200. 
In the absence of DDoS attacks, you will not see this type of prefix.