[127786] in North American Network Operators' Group
Re: Vyatta as a BRAS
daemon@ATHENA.MIT.EDU (Florian Weimer)
Wed Jul 14 09:48:42 2010
To: "Dobbins\, Roland" <rdobbins@arbor.net>
From: Florian Weimer <fweimer@bfk.de>
Date: Wed, 14 Jul 2010 13:48:29 +0000
In-Reply-To: <FDC3F2E7-0885-486E-ADF7-83C38EC2355B@arbor.net> (Roland
Dobbins's message of "Tue\, 13 Jul 2010 17\:57\:26 +0000")
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
* Roland Dobbins:
> That's what I meant - even a very small botnet can easily overwhelm
> software-based edge routers.
>From or to your customers?
Stopping customer-sourced attacks is probably a good thing for the
Internet at learge. And you can't combat attacks targeted at
customers within your own network unless you've got very large WAN
pipes, moving you into the realm of special-purpose hardware for other
reasons.
Previously, this was really a no-brainer because you couldn't get PCI
cards with the required interfaces, but with Ethernet everywhere, the
bandwidths you can handle on commodity hardware will keep increasing.
Eventually, you'll need special-purpose hardware only for a smallish
portion at the top of the router market, or if you can't get the
software with the required protocol support on other devices.
--=20
Florian Weimer <fweimer@bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstra=DFe 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
