Hello MT,
im a bit confused about it, we have following Scenario:
Client = 10.0.0.10/32
Router = 10.0.0.1/24
Upstream = 10.20.10.10/29
Attacker = 5’000+ IP’s
The Router runs BGP.
How would it be possible to execute following Action if Client gets more as 50’000 Packets per Second?
/routing filter chain=MYPREFIXES-v4 prefix=10.0.0.10/32 bgp-communities=666:999
Im thinking with Scripting and Queues, but the Performance isnt the best for my Networks. A other Way would be NetFlow and sFlow with an analyzing Script, but im not have any Experience with RouterOS + Heavy Load and NetFlow.