Hello:
recently I have been investigating the merits of a policy our company (an
ISP) has with regard to DoS attacks. Specifically, when our customers are
under attack, unless it is adversely effecting our network, we do not
intervene. Is there any merit to this Policy? What are the concerns (
besides the added administrative burden) over ACLs applied to a T1 p-t-p
customer interfaces (channelized DS3) or T1 frame-relay customer (point to
multipoint framed DS3) or ATM customers of various bandwidths riding ATM
0C3?
These Access routers are 7500 series routers running dCEF mostly with VIP480
line cards (In some cases we are using HSSI cards that I don't believe run
dCEF.)
The transit links are mostly FastEthernet though in some cases are GigE.
Both are connected to Catalyst 6500 switches that have GigE connections to
GSRs.
Also, I have heard of NetFlow and would like to know if anyone has had
success in using it with dCEF.
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:11:55 EDT