[66689] in North American Network Operators' Group
Re: Nachi/Welchia Aftermath
daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Tue Jan 20 20:18:23 2004
Reply-To: "Rubens Kuhl Jr." <rubens@email.com>
From: "Rubens Kuhl Jr." <rubens@email.com>
To: "Donovan Hill" <lists@lazyeyez.net>, <nanog@merit.edu>
Date: Tue, 20 Jan 2004 23:15:56 -0200
Errors-To: owner-nanog-outgoing@merit.edu
> > Flow-based: Foundry with IronCore modules, Cisco Catalyst 6500 with
Sup1(A)
> > Prefix-based: Foundry with JetCore modules, Cisco Catalyst 6500/7600
with
> > Sup2(A), Sup3(A/BXL)
> Where do the Extreme and Juniper fit into this?
Private and public answers to my question indicate that both Summit 48i and
Black Diamond from Extreme are flow-based; Juniper doesn't make layer 3
switches, but their routers also do prefix-based forwarding; Cisco routers
also do prefix-based forwarding at usual configurations.
Also of notice, flow-based forwarding is not the only thing that makes a L3
device suffer at worm attacks. If a directly connected interface is an
Ethernet (or any other medium that is not point to point), ARPing for a lot
of new addresses per second can also do harm.
Rubens
>
> >
> > ----- Original Message -----
> > From: <haesu@towardex.com>
> > To: "Brent Van Dussen" <vandusb@attens.com>
> > Cc: "NANOG" <nanog@merit.edu>
> > Sent: Tuesday, January 20, 2004 9:46 PM
> > Subject: Re: Nachi/Welchia Aftermath
> >
> > > lesson learned:
> > > stop using /makeshift/ layer3 switches (without naming vendor) to run
> > > L3 core
