[c-nsp] Bogon Filter - Least Resource/CPU intensive method?
roy
bandwidth.user at gmail.com
Wed Mar 5 05:42:36 EST 2008
Hi,
On Wed, 2008-03-05 at 20:58 +1100, Whisper wrote:
> In what circumstances would 1 method be prefered over the other, if at
> all?
>
IIRC, "ip route bogon/net null0" will filter on near line-rate based on
destination addresses.
rpf (strict/loose) on the other hand will accomplish a somewhat similar
solution as with your acl to filter packets based on source addresses
consuming less resources (assuming you have [full|known] routes to
desired destinations).
Would gladly accept if someone can correct me on these points.
BR,
roy
More information about the cisco-nsp
mailing list