Supported by the GlobalNOC at Indiana University

PennREN Member DDoS Mitigation Procedures

Requirements:

  • Caller must be listed as an authorized representative of the member institution within the PennREN NOC Database

  • Member institution must be a valid subscriber of the PennREN DDoS Mitigation service

  • Member institution must have active PennREN Commodity Internet Service

  • Prefix requested for mitigation

    • Must be IPv4

    • Can not be longer than /24

    • Must already be filed with and approved by the PennREN NOC

Activation

  1. Call the PennREN NOC at 833-PENNREN (833-736-6736) and request immediate DDoS scrubbing on the prefix(es). Be prepared to identify your name, the organization you are with, and the specific prefix range(s) you wish to scrub

  2. Stop advertising the affected prefix(es), including more specific prefixes, to other Internet Service Providers and private peers.

  3. Advertise the affected prefix(es) to all PennREN Commodity Internet and Internet2 connections with the community string 14877:9111.

  4. PennREN NOC will notify via phone once traffic scrubbing is confirmed active by the service vendor 2

While community string 14877:911 is advertised, Internet egress traffic will continue to route normally. All Internet ingress traffic will be routed to the customer through their Commodity Internet East (NBRD) connection.

2 Activation may take up to 20 minutes from the time of initial request.

 

Deactivation

  1. Call the PennREN NOC at 833-PENNREN (833-736-6736) and request DDoS scrubbing be deactivated. Be prepared to identify yourself and notify the PennREN NOC of an email address to have scrubbing reports forwarded to.

  2. Stop advertising community string 14877:911 to all PennREN connections

  3. Resume normal advertisements to other Internet Service Providers and private peers.

  4. The PennREN NOC will email mitigation reports as they become available from the service vendor.


Your request has been completed.