[c-nsp] Bogon Filter - Least Resource/CPU intensive method?
Justin M. Streiner
streiner at cluebyfour.org
Thu Mar 6 13:03:30 EST 2008
On Thu, 6 Mar 2008, Justin Shore wrote:
> Jeff Kell wrote:
>> Justin Shore wrote:
>>> Personally I'm still using ACLs on my border routers. At this point
>>> in time I want the ACE hit counters for those rogue packets
>>
>> Hrmmm... will these show up in netflow in some identifiable fashion?
>
> That's a good question. I'm not sure if NF will get the chance to log
> the flows before the ACL drops them. I'll check my flow dumps to see if
> I can figure that out.
Depending on the implementation, the destination interface of flows that
get dropped by an ACL might show up as Null0.
jms
More information about the cisco-nsp
mailing list