rocky-mirror-announce December 2023

rocky-mirror-announce@lists.resf.org

1 participants
1 discussions

DDoS Downloads from China Telecom/Mobile Blocks
by Louis Abel 29 Dec '23

29 Dec '23

Hello. Recently, we've received messages from several mirror operators about large amount of traffic coming in from various China IP addresses. These connections appear to be DDoS-like traffic, attempting to download the large ISO's of our releases but never actually finishing them. This obviously consumes bandwidth which can affect your mirror traffic negatively. If you find that this is happening to your mirror, we suggest putting in filters for those subnets. Even if you are not experiencing this, it may be necessary to also add them. This is, however, your call as a mirror operator to make that judgement. Below is a list of potential subnet blocks that can be used, provided by one of our operators. # IPv4 101.64.0.0/13 106.110.0.0/15 112.0.0.0/10 112.100.0.0/14 112.109.128.0/17 112.111.0.0/16 112.94.128.0/18 114.224.0.0/12 117.24.0.0/13 117.80.0.0/12 120.32.0.0/13 124.72.0.0/16 140.224.0.0/16 175.42.0.0/15 175.44.0.0/16 180.96.0.0/11 182.200.0.0/13 183.192.0.0/10 218.5.0.0/16 221.224.0.0/13 222.184.0.0/13 222.76.0.0/14 223.113.216.0/24 223.64.0.0/10 27.152.0.0/13 27.36.0.0/14 36.248.0.0/14 49.64.0.0/11 58.22.0.0/15 58.248.0.0/13 # IPv6 2408:8000::/20 2409:8000::/20 240e::/20 If you find there are other subnets to add, please do not hesitate to reply here or contact us at chat.rockylinux.org. Thank you again for supporting Rocky Linux. -- Louis Abel, RHCE RHCSIDM Infrastructure, Release Engineering, IDM

1 0

2025

2024

2023

2022

rocky-mirror-announce December 2023