[c-nsp] Re: FE ignored errors
Nick Shah
Nick.Shah at aapt.com.au
Sun Dec 19 23:53:17 EST 2004
Jon
> In most cases, nothing. Just 1 PA-FE-TX per VIP2-50 (with 128/8).
We run VIP4-80 & / or VIP4-50 with 128/64. I think 8 MB of packet SDRAM
is/maybe a bottleneck. However, since it was never a problem for me, I
never looked into the Packet sdram
>Is anyone else still (ever?) doing nachi or SQL slammer filtering at
their borders?
In the network, yes. (on the access devices, facing customer, it is
somewhat effective)
On the borders the only sensible way is policing ICMP. This takes care
of past/present/near_future ICMP issues. The idea is that "why would you
want more than 1% of ICMP traffic". We police at around 10MB per 1.2G of
international peering circuits.
>With 1 FE per VIP2-50, I don't believe oversubscription is an issue.
Cisco claims the VIP2-50 can do:
100kpps switching capacity
400mbps aggregate bandwidth capacity
Typical pps for us on these interfaces is 10-30kpps.
Yep, I agree.
rgds
------------------------------------------------------------------------------
This communication, including any attachments, is confidential. If
you are not the intended recipient, you should not read it - please
contact me immediately, destroy it, and do not copy or use any part of
this communication or disclose anything about it.
------------------------------------------------------------------------------
More information about the cisco-nsp
mailing list