dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
21
Bigpaddy_Irl
join:2005-12-12
Ireland

Bigpaddy_Irl to TomS_

Member

to TomS_

Re: Mikrotik router being attacked - I think?

The funny thing is that a lot of the ip's that I can see are actually belonging to 2 other isp's connected to us. I have implemented some if MT's ddos and syn attack procedures on some of my routers that were effected and it appears to of have died down now thank god.
At the moment, my netowork is just mostly a big layer 2 bridge with PPPoE servers only at the edges. Should I create an EOIP tunnel inside a PPTP tunnel and run the backhaul from each PPPoE server back to the core router to avoid broadcast traffic from the other isps?

TomS_
Git-r-done
MVM
join:2002-07-19
London, UK

TomS_

MVM

If it were me I'd try and put those other ISP connections inside a VLAN that hangs off your core router, each with its own subnet.

That way their traffic is as separated from yours as it possibly can be without dedicated radio links all the way. To me that just feels cleaner.
Bigpaddy_Irl
join:2005-12-12
Ireland

Bigpaddy_Irl

Member

That can be very easily done on my side, and it might just be done within the next 2 days!

Inssomniak
The Glitch
Premium Member
join:2005-04-06
Cayuga, ON

Inssomniak to Bigpaddy_Irl

Premium Member

to Bigpaddy_Irl
Mikrotik's bridge horizon might work too.

I use it so data on one interface in the PPPoE bridge can enter my core router, but not leave out the other interfaces in the bridge