[191874] in North American Network Operators' Group
Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against
daemon@ATHENA.MIT.EDU (Saku Ytti)
Sat Oct 1 06:43:21 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <c8ca6eb9-8eeb-93d7-1bd0-077a16eee310@interia.pl>
From: Saku Ytti <saku@ytti.fi>
Date: Sat, 1 Oct 2016 13:43:16 +0300
To: Pedro <piotr.1234@interia.pl>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On 1 October 2016 at 10:03, Pedro <piotr.1234@interia.pl> wrote:
> We had situations, that we lost all our bgp sessions, not even only on ports
> where flood was coming. Just cpu overloaded. I don't care about support too
> much, there are cheap enough to have spare.
What is the device you're trying to protect? Perhaps it supports
reasonable CoPP features so that you can protect it directly on
itself. To do this CoPP on neighbouring switch, you'll need unique
policer for each and every BGP session and ARP, your switch may not
support this and it is provisioning nightmare.
--
++ytti
