[12041] in North American Network Operators' Group
Re: Denied packets process-switched - no longer?
daemon@ATHENA.MIT.EDU (Craig A. Huegen)
Fri Aug 29 12:05:07 1997
Date: Fri, 29 Aug 1997 08:45:48 -0700 (PDT)
From: "Craig A. Huegen" <c-huegen@quadrunner.com>
To: "Jeffrey S. Curtis" <curtis@anl.gov>
cc: nanog@merit.edu
In-Reply-To: <199708291137.GAA00929@achilles.ctd.anl.gov>
On Fri, 29 Aug 1997, Jeffrey S. Curtis wrote:
==>Warning: possibly useful operational content follows. Read at your own risk.
==>
==>Regarding the possible denial-of-service implications of cisco routers
==>process-switching packets which have been denied by an access-list (as
==>was mentioned previously on this list), I received the following update
==>in this morning's list-of-bugs-and-their-new-status via email:
I've tested this image in my lab and it works very well. 2 pps head to
process level to send unreachables, the rest are quickly dropped in the
fast path.
/cah
