[109856] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: UDP DoS mitigation?

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Fri Dec 12 13:34:15 2008

From: Roland Dobbins <rdobbins@cisco.com>
To: nanog@merit.edu
In-Reply-To: <83167A7C7B83A84B90E8C1AFD6800FBD02D14912@FIJIEXCHANGE.corp.oversee.net>
Date: Sat, 13 Dec 2008 02:33:59 +0800
Errors-To: nanog-bounces@nanog.org


On Dec 13, 2008, at 2:27 AM, David Kotlerewsky wrote:

> 2. As far as hardware is concerned, we're in the same boat as far as
> various UDP/ICMP floods, and our Juniper M10i's handle it with no  
> issues
> (running multiple BGP sessions, OSPF, firewall sets/access lists).

Right - a hardware-based platform is required to deal with high pps  
rates (the Cisco equivalent is the ASR1000; I'm not familiar with  
boxes from other vendors, but I'm pretty sure there are others in this  
same class).

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@cisco.com> // +852.9133.2844 mobile

      History is a great teacher, but it also lies with impunity.

                    -- John Robb


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[109856] in North American Network Operators' Group

Re: UDP DoS mitigation?

daemon@ATHENA.MIT.EDU (Roland Dobbins)Fri Dec 12 13:34:15 2008

daemon@ATHENA.MIT.EDU (Roland Dobbins)
Fri Dec 12 13:34:15 2008