[c-nsp] 6500 under DDoS

Blaz Zupan blaz at inlimbo.org
Tue Jul 27 15:47:35 EDT 2004


> A Sup720 should easily handle this traffic. Are you seeing any errors on
> your port going to them ? Is there anyway you can paste your port config and
> maybe theirs ?

Well, our side is a Juniper, so I don't think the config is relevant in this
case, but just in case:

interfaces {
  ge-0/3/0 {
    unit 407 {
      vlan-id 407;
      family inet {
        filter {
          output customerX;
        }
        address x.x.x.x/30;
      }
    }
  }
}

The filter is just a rate limit of 200Mbps (which they never reach). On our
side, they are just a VLAN going through a Cisco 3550. I just received a
mail from them with the interface config, unfortunately without the
contents of the BORDER-INP and BORDER-OUT access lists.

interface GigabitEthernet5/2
 ip address x.x.x.x 255.255.255.252
 ip access-group BORDER-INP in
 ip access-group BORDER-OUT out
 load-interval 30
 no cdp enable

interface GigabitEthernet5/1
 no ip address
 load-interval 30
 switchport
 switchport access vlan 99



