[40293] in North American Network Operators' Group
Re: TCP session disconnection caused by Code Red?
daemon@ATHENA.MIT.EDU (Blaz Zupan)
Mon Aug 6 14:47:33 2001
Date: Mon, 6 Aug 2001 20:46:26 +0200 (CEST)
From: Blaz Zupan <blaz@amis.net>
To: mike harrison <meuon@highertech.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
In-Reply-To: <Pine.LNX.4.10.10108061427190.10125-100000@home.highertech.net>
Message-ID: <20010806204329.W90386-100000@titanic.medinet.si>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
> Your routers are brain dead from the load.. routers that are used to
> handling a few thousand connections are being asked to handle 10's of
> thousands. 1 good 1000+ address scan from an ISDN user kills my
> Lucent/Ascend TNT unless we filter for it.
Hmmm, a 7206 should surely be able to handle more than 600 packets per second
or am I wrong here? Our upstream E3 is currently used a maximum of 15Mbps and
at peak time we see about 3000 pps on that link. If 20% of that is TCP RST
packets, that would be 600 packets per second. And I'm sure somebody else on
this list would be noticing this as well, especially with higher speed links.
Blaz Zupan, Medinet d.o.o, Trzaska 85, SI-2000 Maribor, Slovenia
E-mail: blaz@amis.net, Tel: +386-2-320-6320, Fax: +386-2-320-6325
