[144484] in North American Network Operators' Group
Re: vyatta for bgp
daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Sep 12 15:47:36 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <4E6E5EF2.9040502@foobar.org>
Date: Mon, 12 Sep 2011 12:45:18 -0700
To: Nick Hilliard <nick@foobar.org>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--Apple-Mail=_ADBBB30B-9A14-4CF5-92EE-8577425B737C
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8
On Sep 12, 2011, at 12:35 PM, Nick Hilliard wrote:
> On 12/09/2011 20:08, Michael K. Smith - Adhost wrote:
>> How do you come to this conclusion? I think a software-based router =
for
>> enterprise level (let's say on the 1G per provider level) can handle =
a
>> fair amount of zorching.
>=20
> I presume by "a fair amount", I presume you mean "barely any"?
>=20
> At large packet sizes, an "enterprise level" router will just about =
handle
> a 1G DoS attack. Thing is, bandwidth DoS / DDoS is sufficiently easy =
to
> pull off on a large scale that a 1G DoS is pretty easy.
>=20
> Incidentally, most service providers use "enterprise level" as a =
by-word
> for mediocre quality kit, lacking in both stability and useful =
features.
>=20
> Nick
In your typical enterprise environment, a 1G DoS will zorch the link =
long
before it zorches the router at the enterprise side.
I agree that software-based routers are not a good choice for a backbone
provider, but, for an enterprise that is dealing with <1gbps links =
coming
in from =E2=89=A43 providers, the difference in cost makes a software =
router an
attractive option in many cases.
Of course it is important to understand the limitations of the solution =
you
choose, but, in such an environment, a USD100,000+ ASIC based router
may be like trying to kill a mosquito with a sledge hammer.
Owen
--Apple-Mail=_ADBBB30B-9A14-4CF5-92EE-8577425B737C
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIERDCCBEAw
ggOpoAMCAQICARQwDQYJKoZIhvcNAQEFBQAwgaYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTER
MA8GA1UEBxMIU2FuIEpvc2UxGjAYBgNVBAoTEURlTG9uZyBDb25zdWx0aW5nMSUwIwYDVQQLExxE
ZUxvbmcgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQDEw1jYS5kZWxvbmcuY29tMRwwGgYJ
KoZIhvcNAQkBFg1jYUBkZWxvbmcuY29tMB4XDTA2MTIxNjE2MzcxN1oXDTE2MTIxMzE2MzcxN1ow
fTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRowGAYDVQQKExFEZUxvbmcgQ29uc3VsdGluZzEP
MA0GA1UECxMGUGVyc29uMRQwEgYDVQQDEwtPd2VuIERlTG9uZzEeMBwGCSqGSIb3DQEJARYPb3dl
bkBkZWxvbmcuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7H7JBEUaAy56E6qY
0JoHKfI+6QT7hYjnc1JezeZOA5XxK7QERkx8rdcND47xeNXjw06ZMjfhrcGkxM+1PEatBxC1Aax1
V95fKtw0DkNMKRgH138E6mZhwuWsvcA1bhxJQQc++SumEX5Uyr5dX4jYy2WgmaLKc8TD/N5G+/zb
Rc1sLrznovNvv7daKfDFlufRkPnLpeG0gx/HIFa4csMNYH2rdLt2xUBAt4TSy3fjEbp0HFVRJI4G
QRHbMmb6tBMnT9vpUZrwMHydqHHTiGr2A8PgdQeQLNEknKynVFTjJIXhBUSINhCl2HtQA+TKv+gu
EF9HrIybZSDlhGym0JUgKwIDAQABo4IBIDCCARwwCQYDVR0TBAIwADAdBgNVHQ4EFgQUzaaV8BC8
UhxaWk6IQTpqK9mLnSgwgdMGA1UdIwSByzCByIAU15gTZIxt8E1K2l0KkjrRFpdc5eyhgaykgakw
gaYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTERMA8GA1UEBxMIU2FuIEpvc2UxGjAYBgNVBAoT
EURlTG9uZyBDb25zdWx0aW5nMSUwIwYDVQQLExxEZUxvbmcgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
MRYwFAYDVQQDEw1jYS5kZWxvbmcuY29tMRwwGgYJKoZIhvcNAQkBFg1jYUBkZWxvbmcuY29tggEA
MBoGA1UdEQQTMBGBD293ZW5AZGVsb25nLmNvbTANBgkqhkiG9w0BAQUFAAOBgQCWRsD48eQfaNKH
K2lohMTD9voszp/GuoWTyi6RckNxW0b0V0gv7ZGH1BUmgq2Jt7SjIis7vTY3FCZUDcR9e7fpBXJL
/euk2pPEBSHbCWAYO+uFeZ17UHz0WtInBB7Yo2EHUrkf4jeJDL7rHOG5YOVQzoV1+vdFkmQvPCPX
zPyYyzGCA7cwggOzAgEBMIGsMIGmMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExETAPBgNVBAcT
CFNhbiBKb3NlMRowGAYDVQQKExFEZUxvbmcgQ29uc3VsdGluZzElMCMGA1UECxMcRGVMb25nIENl
cnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEAxMNY2EuZGVsb25nLmNvbTEcMBoGCSqGSIb3DQEJ
ARYNY2FAZGVsb25nLmNvbQIBFDAJBgUrDgMCGgUAoIIB3zAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN
AQcBMBwGCSqGSIb3DQEJBTEPFw0xMTA5MTIxOTQ1MTlaMCMGCSqGSIb3DQEJBDEWBBTGsNzAHck2
HdSgwVgTbNK3Dj0O8jCBvQYJKwYBBAGCNxAEMYGvMIGsMIGmMQswCQYDVQQGEwJVUzELMAkGA1UE
CBMCQ0ExETAPBgNVBAcTCFNhbiBKb3NlMRowGAYDVQQKExFEZUxvbmcgQ29uc3VsdGluZzElMCMG
A1UECxMcRGVMb25nIENlcnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEAxMNY2EuZGVsb25nLmNv
bTEcMBoGCSqGSIb3DQEJARYNY2FAZGVsb25nLmNvbQIBFDCBvwYLKoZIhvcNAQkQAgsxga+ggaww
gaYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTERMA8GA1UEBxMIU2FuIEpvc2UxGjAYBgNVBAoT
EURlTG9uZyBDb25zdWx0aW5nMSUwIwYDVQQLExxEZUxvbmcgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
MRYwFAYDVQQDEw1jYS5kZWxvbmcuY29tMRwwGgYJKoZIhvcNAQkBFg1jYUBkZWxvbmcuY29tAgEU
MA0GCSqGSIb3DQEBAQUABIIBAJMdQEXJv2ONl0YvjSKEgAH2QzyIDaNtSG2qbMMDLgbfIH0DiwJU
84JEOEcTI1XiBzAao5VGUe8B2E0YGtmDDF7PG7iFLZjmdYJDS9AeWlJ27XXVwCgviQRmjf3os915
+e2MSSBuI5JLJwMiFzlrn3fioHlVNMKAj0dnFBZyBLm6UDxY43YuHJUdsYRLLMu4qUoK3lcI6l3a
zMFfogaejyZ1+e8UTIUGaGUFVUsb4PhMJBXonfdSPGOhl6VyaVA/fIg/ZzwKRskZPffJe/ENgRwI
utc4z5tW1A8SWegTc3gnaxrnnqDYpDnkV4rA7Kc+oC4ZW0TcYvEPxW4WsKHv2xMAAAAAAAA=
--Apple-Mail=_ADBBB30B-9A14-4CF5-92EE-8577425B737C--
