DDOS Mitigation using flowspec with ExaBGP and Cisco IOS-XR routers in GNS
Introduction: The BGP flow specification (flowspec) feature allows you to rapidly deploy and propagate filtering and policing functionality among a large number of BGP peer routers to mitigate the effects of a distributed denial-of-service (DDoS) attack over your network. Flowspec model: The BGP Flowspec model comprises of a Client and a Server.The Controller is responsible for sending or injecting the flowspec NRLI entry. The client (acting as a BGP speaker) receives that NRLI and programs the hardware forwarding to act on the instruction from the Controller. In our setup, ExaBGP daemon acts as the flowspec server(Controller) and flowspec supporting cisco IOS-XR routers act as flowspec clients. GNS topology consisting of IOS-XR routers as provider edge routers is created, and the provider edge routers are connected to the external network so that provider edge routers can talk to ExaBGP node as shown in diagram below. Hence, ExaBGP is responsible for injecting the