Inter-provider routing is based on a web of trust. Neighboring
autonomous systems are trusted to advertise valid reachability
information. If this trust model is violated, a neighboring
autonomous system may cause a denial-of-service attack by advertising
reachability information for a given prefix for which it does not
I guess it's also a well-known attack that malicious neighbor could also
draw traffic to itself for snooping purposes without actually dropping the
traffic. But I'm not sure if there are any flowspec-specific considerations
relating to that scenario.
Inter-provider routing is based on a web of trust. Neighboring autonomous systems are trusted to advertise valid reachability information. If this trust model is violated, a neighboring autonomous system may cause a denial-of-service attack by advertising reachability information for a given prefix for which it does not
I guess it's also a well-known attack that malicious neighbor could also draw traffic to itself for snooping purposes without actually dropping the traffic. But I'm not sure if there are any flowspec-specific considerations relating to that scenario.