Peace,
On Sun, Aug 8, 2021, 6:05 PM Tom Herbert <tom@xxxxxxxxxxxxxxx> wrote:
DNS can return different addresses to users in different geographic regions, mirrors have long been used for file download.And the cybercriminal would just take down all of these unicast addresses with a DDoS, one by one, until so many scrubbing centers are down that the rest cannot handle the traffic, resulting in a domino effect.No, that doesn't work.And yet these have techniques have been successfully deployed for many years. Not every address seen on the Internet is anycast.
Not every address ever gets attacked, and when there's an attack, it isn't _always_ complicated.
And there's no incentive now for the criminals to do research in that matter because with TCP working fine over anycast, it's too complicated to overcome the traffic engineering obstacles.
Take anycast out of the game, the situation would change.
--
Töma
