Fig. 1 - Elastically Scalable DDoS Scrubbing
The configuration for the major network elements was as follows:
Element |
Configuration |
VNF |
Configured to scrub network traffic by detecting and blocking flow flood attacks: |
Traffic Steering Engine (TSF) |
Configured to steer all traffic to the available VNFs |
MANO |
Configured to scale up a new scrubber (VNF) for every 10,000 new flows per second of network traffic |
Prior to the proof of concept, the network was in a steady state with a mix of traffic spread across a small number of flows. In the steady state, the number of ‘background’ flows fluctuates between about 20 and 30; the active flows represent a mix of traffic types and are of no specific importance to the DDoS scrubbing demonstration itself.
In the first part of the demonstration, a flow flood attack is triggered with a rate of 4,000 flows per second, with a flow timeout of one second; Figure 2 shows the 4,000 attack flows added to the network’s background traffic.
Fig. 2 - Launchpad: Dashboard showing the small attack (4,000 flows per second) during the first part of the demonstration