[127774] in North American Network Operators' Group
Re: Vyatta as a BRAS
daemon@ATHENA.MIT.EDU (Dan White)
Tue Jul 13 22:33:00 2010
Date: Tue, 13 Jul 2010 21:31:29 -0500
From: Dan White <dwhite@olp.net>
To: "Dobbins, Roland" <rdobbins@arbor.net>
In-Reply-To: <C08DFC85-6BBD-4A27-82DD-BCFBA99136E5@arbor.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 14/07/10 02:18 +0000, Dobbins, Roland wrote:
>
>On Jul 14, 2010, at 3:26 AM, Tony Li wrote:
>
>> The whole point about being DoS resistant is one of horsepower. To do
>> DoS protection correctly, you need to be able to do packet examination
>> at line rate.
>
>Right. And to date, such routers make use of ASICs - i.e.,
>'hardware-based' routers, in the vernacular.
>
>Routers which use only centralized, general-purpose processors can't
>handle even a fraction of 'line-rate' without tanking, as innumerable
>real-world examples of said behavior over the years have repeatedly and
>conclusively demonstrated.
I'm not really all that opinionated on the subject, other than to say that
the definition of a router, and what qualifies as a sufficient router for
any given administrator's needs, greatly varies.
However, to state something like
> as innumerable real-world examples of said behavior over the years have
> repeatedly and conclusively demonstrated.
has the appearance of you struggling to hold on to an idea that may have
been more true in the past, and less true today, as is evident based on the
input from other list participants.
--
Dan White
