[c-nsp] Sinkhole Routing
Amol Sapkal
amolsapkal at gmail.com
Fri Oct 1 14:09:55 EDT 2004
On Fri, 1 Oct 2004 09:38:09 -0600, Danny McPherson <danny at tcb.net> wrote:
> Seems like some of the folks here are confusing blackholing
> with sinkholing. Blackholing usually means you discard the
> traffic at one or more points in the network, while sinkholing
> typically means traffic is diverted (either to offload process
> from a router, to divert to a honeynet for further analysis,
> to doing some fine-grained mitigation such as via a Cisco
> Guard, etc..).
Yes, this is precisely what I am looking at. I want to offload my
7513's cpu processing taken up by the ACLs.
But what I am wondering is about the trade-off. Whether router will
eat up more cpu while blocking traffic on the ACL or while switching
it to my would-be sinkhole router.
--
Warm Regds,
Amol Sapkal
--------------------------------------------------------------------
An eye for an eye makes the whole world blind
- Mahatma Gandhi
--------------------------------------------------------------------
More information about the cisco-nsp
mailing list