[39542] in North American Network Operators' Group
Re: whatever happened to RED? (was: Improving Robustness...)
daemon@ATHENA.MIT.EDU (Simon Leinen)
Fri Jul 13 10:12:48 2001
To: William Allen Simpson <wsimpson@greendragon.com>
Cc: nanog@merit.edu
From: Simon Leinen <simon@limmat.switch.ch>
In-Reply-To: <3B4EDF75.76456048@greendragon.com>
Date: 13 Jul 2001 16:12:17 +0200
Message-ID: <aar8vk7wam.fsf@limmat.switch.ch>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Errors-To: owner-nanog-outgoing@merit.edu
>>>>> "was" == William Allen Simpson <wsimpson@greendragon.com> writes:
> Didn't we have a solution to this problem? And the UDP flood from
> Real? And a host of other problems with saturated links?
> My operational issue is: what is the status of RED? Being small and
> only having cisco and *nix routers, I'd expect it was widely
> deployed.
RED alone doesn't help much against flooding attacks. You'd need
something like "RED with penalty box" or (flow-based) WFQ, and those
are either in research status or have other fundamental problems.
Don't get me wrong, RED is extremely cool - buy only routers that
support this at line rate, and configure it on any interface where you
expect even a slight chance of congestion.
--
Simon.
